Self-Driving Cars and GDPR
Driverless cars are on track to becoming a reality, but what of privacy and data protection? In this blog we explore self-driving cars and GDPR.
When you think of self-driving cars what comes to mind? I’m willing to go on a limb here and say that it’s not just Knight Rider’s KITT, the Batmobile or other cool movie screen concepts. After all, in today’s technological era, driverless cars are no longer confined to our favourite TV shows and movies.
Tesla already asserts that all of their new cars “come standard with advanced hardware capable of providing Autopilot features today, and full self-driving capabilities in the future—through software updates designed to improve functionality over time.” Meanwhile reports indicated that earlier this year Waymo—a self-driving technology development company—signed a deal to make self-driving cars for use in France and Japan.
This certainly gives new meaning to the phrase “the future is now.” Doesn’t it? Yet as exciting as it all is, there is an undeniable dark side which cannot be ignored—data protection concerns, privacy risks and ethical issues.
In one of our recent Youtube vlogs we explored some potential ethical concerns and it really gets one thinking.
Self-driving cars and GDPR
As for the data protection concerns and privacy risks, here’s the skinny. Self-driving cars—much like today’s connected cars—will rely heavily on data collection, analysis and sharing. Since this data will revolve around our individual lives, some will fall within the purview of personal and sensitive data. Understandably, considering the cloud connectedness of it all, hacking will also be a security risk. This all renders self-driving cars and their technology subject to compliance with the GDPR and the Data Protection Act 2018.
Driverless cars are also a good example of the use of IoT, Big Data and AI all together.
“While self-driving cars and GDPR is a concern itself due to its implications for privacy, one should also consider ethical and Telecoms issues,” comments Aphaia Partner Cristina Contero. “On one hand because of the implementation of AI and, on the other, because self-driving cars will be one of the interconnected devices in the smart network of IoT. This also means that they will be part of smart cities, so making the difference between personal data and non-personal data becomes essential too. It might be clear that data gathered from audio or GPS can be considered part of the self-driving cars and GDPR context, but this is not that clear when it comes to other data like weather or road-conditions information.”
If your organization is moving in the direction of autonomous technology like self-driving cars or related artificial intelligence, conducting a data protection impact assessment is key to ensuring GDPR and and Data Protection Act 2018 compliance. Additionally Aphaia provides GDPR adaptation consultancy services, AI ethics assessments and Data Protection Officer outsourcing.
- The UK’s ICO Publishes Age Appropriate Design Code - January 31, 2020
- Employer/ Employee relations : A GDPR perspective - January 29, 2020
- The ICO has imposed a fine on UK retailer due to poor security safeguards - January 24, 2020