The digital development of the European Union: data governance aspects of cooperative, connected and automated mobility

Article Sidebar

IDP
PDF ePUB

Main Article Content

Ondrej Hamulák
Faculty of Law, Palacký University Olomouc, Czech Republic
Josef Andraško
Institute of the Information Technology Law and Intellectual Property Law Comenius University in Bratislava, Faculty of Law
Matúš Mesarčík
Institute of the Information Technology Law and Intellectual Property Law Comenius University in Bratislava, Faculty of Law

This article focuses on the issue of data governance in connected vehicles. Firstly, basic notions of autonomous vehicles are analyzed, and a legal framework is introduced. The European Union aims to create cooperative, connected, and automated mobility based on the cooperation of different inter-connected types of machinery. The essence of the system is data flow in connected vehicles, and the issue represents one of the heavily discussed themes in legal doctrine. Therefore, data governance is further discussed in the article. The final part of the article deals with the issue of responsibility and liability of different actors involved in the processing of personal data according to the General Data Protection Regulation applied to the environment of CAV smart infrastructure.

Keywords
connected vehicles, autonomous vehicles, GDPR, data governance

Article Details

How to Cite
Hamulák, Ondrej et al. “The digital development of the European Union: data governance aspects of cooperative, connected and automated mobility”. IDP. Internet, Law and Politics E-Journal, no. 34, pp. 1-16, doi:10.7238/idp.v0i34.387494.
Rights
Creative Commons License

This work is licensed under a Creative Commons Attribution-NoDerivatives 3.0 Unported License.

(c) Ondrej Hamulák, Josef Andraško, Matúš Mesarčík, 2021


Copyright

Contents published in IDP are subject to a Creative Commons Attribution-No Derivative Works 3.0 Spain licence, the full text of which can be consulted on http://creativecommons.org/licenses/by-nd/3.0/es/deed.en.

Thus, they may be copied, distributed and broadcast provided that the author and IDP are cited, as shown in the recommended citation that accompanies each article. Derivative works are not permitted.

Authors are responsible for obtaining the necessary permission to use copyrighted images.

 

Assignment of intellectual property rights

The author non exclusively transfers the rights to use (reproduce, distribute, publicly broadcast or transform) and market the work, in full or part, to the journal’s editors in all present and future formats and modalities, in all languages, for the lifetime of the work and worldwide.

The author must declare that he is the original author of the work. The editors shall thus not be held responsible for any obligation or legal action that may derive from the work submitted in terms of violation of third parties’ rights, whether intellectual property, trade secret or any other right.

Author Biographies

Ondrej Hamulák, Faculty of Law, Palacký University Olomouc, Czech Republic

Ph.D. Senior lecturer

Josef Andraško, Institute of the Information Technology Law and Intellectual Property Law Comenius University in Bratislava, Faculty of Law

Ph.D. Assistant professor

Matúš Mesarčík, Institute of the Information Technology Law and Intellectual Property Law Comenius University in Bratislava, Faculty of Law

Ph.D., LL.M. Assistant professor

References

ACEA (2016). “Access to vehicle data for third-party services”. In: ACEA Position Paper, pp. 3 [online]. Available at: https://www.acea.auto/files/ACEA_Position_Paper_Access_to_vehicle_data_for_third-party_services.pdf

ANDRAŠKO, J.; HAMUĽÁK, O.; MESARČÍK, M.; KERIKMÄE, T.; KAJANDER, A. (2021). “Sustainable Data Governance for Cooperative, Connected and Automated Mobility in the European Union”. In: Sustainability, vol. 13, no. 19, p. 10610. DOI: https://doi.org/10.3390/su131910610

ANWB (2015). “Onderzoek naar verzamelen, opslaan, gebruiken en verzenden van data door auto’s” [online]. Dutch Automobile Association. Available at: https://www.anwb.nl/binaries/content/assets/anwb/pdf/auto/connected-car/my-car-my-data---adac---fia-test-data-in-auto.pdf

BSI (2020). “Connected and automated vehicles. Vocabulary BSI Flex 1890 v3.0:2020-10”. In: BSI [online]. Available at: https://www.bsigroup.com/globalassets/localfiles/en-gb/cav/bsi-flex-1890-v3-2020-10.pdf

COLLINGWOOD, L. (2017). “Privacy implications and liability issues of autonomous vehicles”. In: Information & Communications Technology Law, vol. 26, no. 1, pp. 32-45. DOI: https://doi.org/10.1080/13600834.2017.1269871

Commission Nationale de l‘Informatique et des Libertés (2018). “Connected vehicles: a compliance package for a responsible use of data” [online]. Available at: https://www.cnil.fr/en/connected-vehicles-compliance-package-responsible-use-data

CORDEIRO, A. B. M. (2019). “Civil Liability for Processing of Personal Data in the GDPR”. In: European Data Protection Law Review, no. 4.

CZARNECKI, K. (2017). “English Translation of the German Road Traffic Act Amendment Regulating the Use of Motor Vehicles with Highly or Fully Automated Driving Function”. In: ResearchGate [online]. Available at: https://www.researchgate.net/publication/320813344 [Accessed: 25 April 2021].

DG GROW (2017). “GEAR 2030: High Level Group on the Competitiveness and Sustainable Growth of the Automotive Industry in the European Union. Final Report”. In: DocsRoom European Commission [online]. Available at: https://www.europarl.europa.eu/cmsdata/141562/GEAR%202030%20Final%20Report.pdf.

EUROPEAN AUTOMOBILE MANUFACTURERS ASSOCIATION (2020). “ACEA comments EDPB guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications”, p. 6.

EUROPEAN DATA PROTECTION BOARD (2019). Guidelines 4/2019 on Article 25 Data Protection by Design and by Default.

EUROPEAN DATA PROTECTION BOARD (2020a). Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications. Version 1.0 Adopted on 28 January 2020.

EUROPEAN DATA PROTECTION BOARD (2020b). Guidelines 07/2020 on the concepts of controller and processor in the GDPR. Version 1.0. Adopted on 02 September 2020.

FRISONI, R. et al. (2016). “Research for TRAN Committee. Self-Piloted Cars: The Future of Road Transport?”. In: European Parliament Think Tank [online]. Available at: https://www.europarl.europa.eu/thinktank/en/document.html?reference=IPOL_STU(2016)573434

GERMANY. Road Traffic Act. Federal Law Gazette I, last amended by Article 6 of 17 August 2017, p. 3202.

KALA, R. (2016). On-Road Intelligent Vehicles. Motion Planning for Intelligent Transportation Systems. Oxford: Butterworth-Heinemann, pp. 536.

KASPER, A.; KRASZNAY, C. (2019). “Towards Pollution-Control in Cyberspace: Problem Structure and Institutional Design in International Cybersecurity”. In: International and Comparative Law Review, vol. 19, no. 2, pp. 76-96 [online]. DOI: https://doi.org/10.2478/iclr-2019-0015

KERBER, W. (2018). “Data Governance in Connected Cars: The Problem of Access to In-Vehicle Data”. In: JIPITEC, no. 9, pp. 310.

KERBER, W.; FRANK, J. S. (2018). “Data Governance Regimes in the Digital Economy: The Example of Connected Cars” [online]. Available at: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3064794 [Accessed: 25 April 2021]

KERBER, W.; GILL, D. (2019). “Access to Data in Connected Cars and the Recent Reform of the Motor Vehicle Type Approval Regulation”. In: JIPITEC, no. 10, pp. 244 [online]. Available at: https://www.jipitec.eu/issues/jipitec-10-2-2019/4917

KUNER, CH. (2007). European Data Protection Law. Corporate Compliance and Regulation. 2nd. ed. Oxford: Oxford University Press.

LAROUCHE, P.; PEITZ, M.; PURTOVA, N. (2016). “Consumer Privacy in network industries. A CERRE Policy Report”. In: Centre on Regulation in Europe.

MAHIEU, R.; HOBOKEN VAN, J.; ASGHARI, H. (2019). “Responsibility for Data Protection in a Networked World. On the question of the Controller. ‘Effective and Complete Protection’ and its Application to Data Access Rights in Europe”. In: JIPITEC, no. 39. DOI: https://doi.org/10.2139/ssrn.3256743

MATTESON S. (2020). “Autonomous versus automated: What each means and why it matters”. In: Tech Republic [online]. Available at: https://www.techrepublic.com/article/autonomous-versus-automated-what-each-means-and-why-it-matters/ [Accessed: 25 April 2021].

OECD/ITF (2015). “Automated and Autonomous Driving: Regulation under uncertainty” [online]. Available at: https://www.itf-oecd.org/sites/default/files/docs/15cpb_autonomousdriving.pdf [Accessed: 25 April 2021]

SAE (2016). Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles, J3016_201609 [online]. Available at: https://www.sae.org/standards/content/j3016_201609/

SKIHO, K.; SHRESTHA, R. (2020). Automotive Cyber Security. Introduction, Challenges, and Standardization [online]. Singapore: Springer. DOI: https://doi.org/10.1007/978-981-15-8053-6

TOMBAL, T. (2019). “GDPR as shield to a data sharing remedy?”. ASCOLA 2020 Conference [online]. University of Namur - CRIDS/NaDI. Available at: https://law.haifa.ac.il/images/ASCOLA/Tombal.pdf.

VAN ALSENOY, B. (2012). “Allocating responsibility among controllers, processors, and ‘everything in between’: the definition of actors and roles in Directive 95/46/EC”. In: Computer Law and Security Review, no. 28 [online]. DOI: https://doi.org/10.1016/j.clsr.2011.11.006

VAN ALSENOY, B. (2016). “Liability under EU Data Protection Law. From Directive 95/46 to the General Data Protection Regulation”. In: JIPITEC, no. 7, pp. 271 [online]. Available at: https://www.jipitec.eu/issues/jipitec-7-3-2016/4506

VAN ALSENOY, B.; DUMORTIER, J. (2012). “The accountability principle in data protection regulation: origin, development and future directions”. In: GUAGNIN, D. et al. (eds). Managing Privacy Through Accountability. London: Palgrave Macmillian.

YEEFEN LIM, H. (2018). Autonomous Vehicles, and the Law: Technology, Algorithms and Ethics. Cheltenham: Edward Elgar Publishing, p. 4-5.

ŽOLNERČÍKOVÁ, V. (2020). “Prokazování příčinné souvislosti u škod způsobených propojenými autonomními vozidly”. In: Revue pro právo a technologie, no. 21, pp. 129-152 [online]. DOI: https://doi.org/10.5817/RPT2020-1-6

Legal resources

Decision of the CJEU from 5 June 2018, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v Wirtschaftsakademie Schleswig-Holstein GmbH. Case n. C210/16.

Decision of the CJEU from 13 May 2014, Google Spain SL a Google Inc. v Agencia Española de Protección de Datos (AEPD) a Mario Costeja González. Case n. C-131/12.

Decision of the CJEU from 29 July 2019, Fashion ID GmbH & Co.KG v Verbraucherzentrale NRW eV. Case n. C40/17.

EUR-Lex-32002L0058. Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).

EUR-Lex-32010L0040. Directive 2010/40/EU of the European Parliament and of the Council of 7 July 2010 on the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other modes of transport.

EUR-Lex-32016R0679. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance). OJ L 119, 4.5.2016, p. 1–88.

EUR-Lex-32018R0858. Regulation (EU) 2018/858 of the European Parliament and of the Council of 30 May 2018 on the approval and market surveillance of motor vehicles and their trailers, and of systems, components and separate technical units intended for such vehicles, amending Regulations (EC) No 715/2007 and (EC) No 595/2009 and repealing Directive 2007/46/EC (Text with EEA relevance). PE/73/2017/REV/1. OJ L 151, 14.6.2018, p. 1-218.

EUR-Lex-32019R2144. Regulation (EU) 2019/2144 of the European Parliament and of the Council of 27 November 2019 on type-approval requirements for motor vehicles and their trailers, and systems, components and separate technical units intended for such vehicles, as regards their general safety and the protection of vehicle occupants and vulnerable road users, amending Regulation (EU) 2018/858 of the European Parliament and of the Council and repealing Regulations (EC) No 78/2009, (EC) No 79/2009 and (EC) No 661/2009 of the European Parliament and of the Council and Commission Regulations (EC) No 631/2009, (EU) No 406/2010, (EU) No 672/2010, (EU) No 1003/2010, (EU) No 1005/2010, (EU) No 1008/2010, (EU) No 1009/2010, (EU) No 19/2011, (EU) No 109/2011, (EU) No 458/2011, (EU) No 65/2012, (EU) No 130/2012, (EU) No 347/2012, (EU) No 351/2012, (EU) No 1230/2012 and (EU) 2015/166 (Text with EEA relevance).

EUR-Lex-52016DC0766. COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS A European strategy on Cooperative Intelligent Transport Systems, a milestone towards cooperative, connected and automated mobility.

EUR-Lex-52018DC0283. COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE, THE COMMITTEE OF THE REGIONS On the road to automated mobility: An EU strategy for mobility of the future.

EUR-Lex-C/2019/1789. COMMISSION DELEGATED REGULATION (EU) …/... supplementing Directive 2010/40/EU of the European Parliament and of the Council with regard to the deployment and operational use of cooperative intelligent transport systems.