The golden rules of data protection in CAVs

A new report has identified 10 key principles for the protection of data in the connected and autonomous vehicle (CAV) industry.

The Insurance and Legal 2019 report has been published by AXA UK and Burges Salmon.

The aim of the report is to support and guide government and industry stakeholders as they develop CAV products and services. Some of the key principles include data mapping, privacy by design, best practice cyber security, and collaboration.

In terms of data mapping, the report says organisations will need to carry out a full data mapping exercise to identify any data that will be processed during the lifecycle of a CAV and to be transparent with customers, gaining user trust in the CAV ecosystem.

It also says CAV technology should be developed to only collect data that is needed and is proportionate to requirements. As far as possible data should be anonymised or pseudonymised to protect individual’s rights.

The report also says that all systems and services in the CAV ecosystem should have appropriate technical and organisational measures in place to protect personal data.

Meanwhile, the report says there will need to be ongoing conversations between CAV stakeholders regarding what data should be collected and what should be shared; channels of communication (between governments, OEMs, communication network providers and all other stakeholders in the CAV sphere) will be needed to ensure that communication is kept open and ongoing.

Alongside the report, a video showcases the sheer mass of data driverless cars will create and the need to protect this data. The animation explores predictions that a single driverless car will produce around 4,000 gigabytes of data per day, which is the equivalent of streaming 4,000 hours of movies online.

Types of data include information on surrounding cars and vehicles, passenger routes and preferences, local infrastructure, vehicle performance and more. A data map will help ensure this data is used wisely and determine which stakeholders require access to this data, when and why.

The Insurance and Legal 2019 report also emphasises that without proper management of driverless data, information from driverless vehicles, their passengers and local infrastructure could be vulnerable to misuse.

David Williams, MD underwriting and technical services, AXA Insurance, said, ‘This is the third and final Insurance and Legal report AXA and Burges Salmon have created in conjunction with the FLOURISH consortium, and I think it’s safe to say that the project has achieved its goal of creating clear and concise recommendations for data sharing in relation to CAVs. Without data, driverless cars will not exist, so it’s up to us to prove to consumers that their data will remain safe and secure while providing all the benefits of driverless technology.’

Chris Jackson, head of transport sector, Burges Salmon, added, ‘Data is the new fuel. Developing the data legal/insurance framework in the CAV ecosystem, balancing protections and effectiveness for CAV users and other stakeholders, remains a priority. That will ensure the UK remains a leader in the global CAV market. Burges Salmon remains committed to help make this happen.’