As driverless cars head for our roads, queries about data privacy joins safety and insurance liability as another key area of legal concern.
South Australia leads the way in driverless vehicle technology, with the SA Government introducing laws allowing for on-road trials of driverless cars.
In an industry estaimated to be worth $90 billion within the next 15 years, Flinders University is also preparing to trial driverless shuttle vehicles at Tonsley during 2018.
Researchers at the Flinders University Law are examining legal rights and responsibilities associated with the implementation of driverless vehicles.
Driverless vehicles will have the capacity to source vast amounts of data about its passengers through cameras, audio files and location tracking – up to 4,000 gigabytes per eight hours.
Such data will have huge commercial value, and therefore provides incentive for personal information to be exploited, says Flinders Honours graduate Nicholas Camac, who presented his findings at last year 2nd International Driverless Vehicles Summit in Adelaide.
At the summit Associate Professor Tania Leiman, Dean of Law at Flinders University, presented on the legal position of personal injury compensation schemes, and Australian Consumer Law in relation to driverless vehicles, which are expected to be manufactured and sold by leading automobile manufacturers by 2020.
“Privacy issues often tend to be forgotten or neglected in the discussion about these vehicles, but this is what we should be doing now, long before the vehicles are introduced, so that measures can be put in place to ensure users are secure in their knowledge that their privacy is being protected,” Nic says.
“Questions need to be asked now and the answers made clear about how the data will be used.
“We don’t yet know the business models of the companies involved, but transparency with users regarding the handling of their personal information will be critical.
“Is existing law robust enough to adequately protect the privacy of people using Connected Automated Vehicles, and how such data could possibly be subject to third-party interests?” he asks, pointing to the possibility of this being accessed for commercial influence, such as vehicles being re-routed via specific businesses that have accessed the data.
In a worst case scenario, it could mean that people lose control over their movements and paths of transportation, he says.
Looking further ahead, if driverless software is to be mandated in all vehicles, it could mean that information could be used in unexpected ways.
“It could track all your movements – where you go, who you meet, even what you purchase and where you shop.
“Driverless vehicle software has the capacity to do it all, so social acceptance of the technology will depend on how it is used, and what privacy safeguards are put in place,” he says.
The research also addresses the worries of some people about driverless vehicle data amounting to constant surveillance, via law enforcement, but also insurance agencies, employers, advertisers and information brokers.
Rather than introducing significant change to Australia’s Privacy Act, which underwent significant amendments in 2004, Nic advocates a more clear declaration of privacy as a default position by all data collectors.
“The Privacy Act incorporates various transparency obligations on those collecting personal information, but these obligations are often interpreted broadly by entities,” he says.
“It needs to be made clear by companies collecting the data that people’s privacy is going to be protected from the beginning of the information life cycle.
“The ideal approach would be to tackle the issue through technical privacy-by-design methods aimed at improving data minimisation.”