This conference is dedicated to the topics of data protection and cybersecurity applied to connected and (semi-autonomous) vehicles. The first part presents the main legal instruments adopted at EU law and UNECE level to ensure development of connected and automated vehicles.
The second part analyses the privacy and data protection risks linked to ADAS technologies mandatory under EU Vehicle General Safety Regulation such as driver drowsiness and attention warnings (DDAW), intelligent speed assistance (ISA) and Automated driving systems (ADS). Automated Lane keeping systems under UNECE Regulation n°157, which enable autonomous driving for extended period of times are also analyzed from a data protection perspective. Beside those legally framed ADAS technologies, automotive industry also develops additional technologies such as voice assistants, biometric passenger and driver identification means or augmented reality navigation systems relying on cameras. It will therefore be explained how the GDPR may promote and limits developments of such technologies. In particular it investigates the problems of the identification of the data controller for such processing and the limits of the exception data processing for personal and household purposes.
The last part is dedicated to cybersecurity issues in the automotive sector. This topic is tackled trough analysis of (1) GDPR, (2) UNECE Regulation n°155 on cybersecurity and cybersecurity management systems and (3) the Directive proposal amending the NIS Directive. In particular it shows how the legal current legal framework enlarges the debtors of the cybersecurity obligation in order to target the whole automotive industry stakeholders.