The federal government has indicated that it opposes any move to implement new rules that could restrict law enforcement agencies from accessing data generated by automated vehicle technology and cooperative intelligent transport systems (C-ITS).
The National Transport Commission this week issued a policy paper addressing the privacy challenges raised by C-ITS and automated vehicle technology.
Not only do emerging categories of vehicle data, such as that captured by in-vehicle cameras or health sensors, create potential privacy risks, but C-ITS ushers in the potential for largescale, direct collection of basic vehicle data such as speed, location and direction, thanks in part to V2X communication.
Following a consultation process, the NTC has said that it was in favour of developing “broad principles on limiting government collection, use and disclosure of C-ITS data” rather than relying on Australia’s existing information access framework or explicitly limiting “government collection, use and disclosure” of all C-ITS and automated vehicle data to specific purposes.
“These principles will help guide further development of the regulatory framework for C-ITS and automated vehicle technologies while providing a sufficient degree of flexibility as the technology develops,” the policy paper states.
The 11 principles seek to ensure that laws and related standards for C-ITS and automated vehicles balance the government access to data with “additional privacy protections to appropriately limit the collection, use and disclosure of C-ITS and automated vehicle data,” including embedding access powers and privacy protections in legislation, and clearly defining the relevant data “in inclusive and technology neutral terms”.
Relevant laws should state “the C-ITS and automated vehicle data covered, the purposes for which the data can be used and the parties to whom the purpose limitations apply while not impeding access to data with a warrant or court order authorising a different use.”
The policy paper also calls for recognition that it is difficult to irreversibly de-identify personal information.
The NTC approach strays from that advocated by the federal government, however. Earlier this year the Department of Infrastructure, Regional Development and Cities made a submission (PDF) to the NTC’s discussion paper on government access to data.
That submission was prepared with input from a range of other government entities, according to the department, including the Attorney General’s Department and the Department of Home Affairs.
It rejected any move to implement new restrictions on government use of C-ITS and automated vehicle data, arguing that the “types of information generated by these technologies will not be new in nature”.
“Existing technologies such as mobile phones, stand-alone and vehicle-installed GPS devices, local government and road-agency video surveillance, dash-cams, smart watches, and other personal electronic devices such as fitness trackers already generate this type of information,” the department said.
The department argued that the “community is more concerned about safety, cyber security and liability issues” rather than government access to data.
Depending partly on how they function, some technologies may fall within the existing framework of the Telecommunications (Interception and Access) Act, which includes provisions for warrant-free access to ‘metadata’, or the Surveillance Devices Act.
“The Australian Government would have concerns about specific regulations governing the ability of law enforcement and national security agencies to undertake data and computer-based surveillance on new technologies (including on non-traditional devices),” the department argued.
“For example, increased prohibitions on access to automated vehicle and C-ITS data may negatively impact agencies’ ability to investigate and prosecute serious crimes.”