The key aspects regarding the legal framework summarize as follows:
Road traffic regulation
- Adjusting the term “driver” to include “systems with full control over a vehicle” (Art. 1 lit.v of the Vienna Convention on Road Traffic).
- Allowing automated cars to go as fast as 130 km/h and change lanes automatically (changing in particular regulation no.79 on steering equipment of the UN-Regulations on Road Traffic).
- Enabling automated and connected drive systems to participate in road traffic (adjustments to the German Road Traffic Ordinance (StVG)).
- Proper usage of automated and connected cars per se does not constitute driver negligence or results in increased liability risks for the driver.
- Road traffic laws shall be reviewed, as to whether in certain situations the controlling systems are functionally equivalent to a “driver”.
IT-Security and Privacy
- International standards on highly automated driving shall be developed.
- The scope of the “European Code of Practice for Safe Development of Advanced Driver Assistance Systems” shall be extended to cover safety standards for automated vehicles.
- Suitable system structures and tests shall be developed, in cooperation with the Automobile industry. New standards for the periodic technical surveillance (PTI) of cars shall be defined and included in the directives 2014/45/EU and 2007/46/EG
- The Automobile industry must guarantee safe encryption of data and communication. The BMVI will review possibilities of controlling these processes, such as an external department inspecting such systems and/or the certification of these processes.
- Security standards against unauthorised data access shall be developed and presented to the UNECE (United Nations Economic Commission for Europe).
- Functional safety standards (ISO 26262), IT and encryption standards shall include automated and connected drive.
- The principles of data minimization and specific purpose of usage shall continue to apply.
- Technological solutions for anonymizing and pseudonymizing data shall be further developed.
- User consent to collecting and processing data must be free and informed, as well as revocable. Users must have the option to select and turn off data enabled services, other than those directly related to vehicle functions and safety.
- Privacy friendly systems in the components and the initial settings must follow the principles of “privacy by design" and “privacy by default”.
The BMVI will run a dedicated digital testing area on the Autobahn in Bavaria between Munich and Ingolstadt, where innovations can be tested, evaluated and developed. The emphasis will be on highly and fully automated driving, Car2Car and Car2Infrastructure communication, with the most modern sensor technology, high-precision digital maps and real-time communication if up-to-date transmission standards.
The steps envisioned by the BMVI are fundamental and will change the way traffic works in the future, both in urban areas as well as across wider regions. While there are numerous hurdles to take, legal practitioners in the Automotive as well as the IT industry will need to track these changes and their impact on clients and stakeholders.
Bird & Bird is at the forefront of advising businesses on the legal impact of regulatory changes to technology strategy and roadmaps in the Automotive & Tech industry. Interested parties are invited to register for the upcoming Bird & Bird IT & Automotive seminar Driving your Business through IT – IT’s all about the Data
on October 13, 2015 in Munich.