Global Data Protection Chiefs Issue Connected Car Guidance

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Stephen Gardner

Data privacy chiefs from around the world Sept. 28 issued a connected cars data protection nonbinding resolution that gives companies guidelines on how to handle customer data.

Car companies around the globe, such as Ford Motor Co. and Alphabet Inc.'s Waymo, have been ramping up their efforts to release automated and internet-connected vehicles. The global connected car market is estimated to reach $180.3 billion by 2022, according to a study by Grand View Research Inc.

The data supervisors made the resolution public after adopting it in closed session at the 39th International Data Protection and Privacy Commissioners’ Conference (ICDPPC) in Hong Kong. Although nonbinding, the resolution is seen by global privacy officials as a means of promoting common standards for data protection enforcement around the world.

Companies under the purview of data privacy regulators may see increased enforcement as they race to to develop and test fully autonomous vehicles.

The resolution calls for users of autonomous vehicles or connected cars to be given full information on data collection and storage procedures. Data controllers should respect standard data protection principles, for example by limiting the amount of data collected and implementing privacy impact assessments when testing new technologies, it said.

In addition, data controllers should implement appropriate cybersecurity measures and ensure that drivers of connected vehicles can’t be unlawfully tracked, according to the resolution.

Collaboration Resolutions

The global privacy officials also adopted other nonbinding resolutions, including one to establish a working group to investigate collaboration between data protection authorities and consumer protection bodies, and another to update a voluntary data protection authorities collaboration framework for international privacy complaints.

The resolution on privacy protection and consumer protection said there is a need for more cooperation between agencies because of a “growing intersection of consumer protection, data protection and privacy issues, especially online.”

The data protection resolution follows a number of previous resolutions on cross-border privacy enforcement and sets out a model agreement that data protection supervisors from different jurisdictions can use to work on common cases.

To contact the reporter on this story: Stephen Gardner in Hong Kong at

To contact the editor responsible for this story: Donald G. Aplin at

For More Information

The ICDPPC resolutions are available at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security