DRAFT 23 March 2015, Roeland de Bruin.1
Autonomous Intelligent Cars on the European intersection of
liability and privacy.
1. Introduction
Consumer cars are increasingly being equipped with technology automating certain aspects of
driving. Examples of such technologies include lane keep assistance, emergency braking, parking
assistance and adaptive cruise control. In the near future, higher levels of car-automation will
become available, eventually leading to the introduction of autonomous intelligent cars (AIC). AIC
could amongst other things contribute to safety on the roads, and decrease the number of car
accidents (93% of traffic accidents are caused by human failure, 2 leading to 1.3 million deaths and 50
million serious injuries worldwide per year).3
A definition of AIC consists of three elements. Autonomy relates to the level of human intervention
necessary for operation, which can be seen as a spectrum: a lower need for human intervention
implicates a higher level of autonomy. Intelligence relates to the ways in which a system can perceive
its surroundings, and is able to adapt behaviour to changing environments. It includes the ability to
learn, to reason and to solve problems.4 Ultimately, AIC may become capable of perceiving data and
information, which are able to learn and make decisions based upon their experience, used for
transportation of goods or people to a certain destination without the need of human intervention.
Although it is likely that specific aspects of car-technology will become more automated in the near
future, many technological challenges must be met to make fully autonomous intelligent driving
available on a large scale to consumers. Besides technological challenges, the introduction of
(gradual) autonomy in automotive technology also implicates a number of ethical, legal, societal and
economic issues. The legal challenges include many fields law.
The question can be raised if, and to what extent the forthcoming introduction of Autonomous
Intelligent Cars, given the current regulatory framework in the EU, would lead to desirable outcomes,
in relation to the core values underpinning this regulatory framework. These core values include the
fair apportionment of risks inherent to modern technology, the protection of consumers and the
stimulation of innovation in terms of economic growth. Furthermore, it is the question in which ways
and on what levels the regulatory framework can be optimized, to equip both the development of
AIC-technology and accepted introduction thereof in society. In this respect, it must be taken into
1
Roeland W. de Bruin LL.M. is Jr. Assistant Professor at the Centre for Access to and Acceptance of Autonomous
Intelligence, Molengraaff Institute for Private Law, REBO-faculty, Utrecht University, and IT-lawyer at Mitopics B.V.
2 B. Walker Smith, Human error as a cause for vehicle crashes, Center for Internet and Society at Stanford Law School, 18
November 2013, via http://cyberlaw.stanford.edu/blog/2013/12/human-error-cause-vehicle-crashes.
3 http://www.oecd-ilibrary.org/sites/factbook-2013en/06/02/03/index.html?contentType=&itemId=/content/chapter/factbook-2013-50en&containerItemId=/content/serial/18147364&accessItemIds=&mimeType=text/html, also cited in Gillian Yeomans,
Autonomous Vehicles – handing over control: opportunities and risks for insurance, LLOYD’S 2014, via
https://www.lloyds.com/~/media/lloyds/reports/emerging%20risk%20reports/autonomous%20vehicles%20final.pdf,
(Yeomans 2014) p. 5.
4 See M. de Cock Buning, L. Belder & R.W. de Bruin, Mapping the Legal Framework for the introduction into Society of
Robots as Autonomous Intelligent Systems, CAAAI-working paper, p. 3-4, available via http://www.caaai.eu/wpcontent/uploads/2012/08/Mapping-L_N-fw-for-AIS.pdf, and the references to S. Chopra and L.F. White, A Legal Theory for
Autonomous Intelligent Agents, Ann Arbor: University of Michigan Press 2011, p.10 (autonomy) and Davies, C.R., ‘An
evolutionary step in intellectual property rights – Artificial intelligence and intellectual property’, Computer Law & Security
Review 27, 2011, p. 601-619 (intelligence).
1
account that legislators tend to respond to the introduction of new, disruptive technologies such as
photography, the VCR and software,5 with the instalment of case specific legislation, without the
level of flexibility necessary for anticipating new innovations as well as the societal adoption thereof.6
This paper will discuss the possible impact of the current regulatory framework on the development
of AIC and deployment thereof in society by looking at the intersection of civil liability law and data
protection law in the European Union based on a – simple – case study. The question will be
addressed in which ways the current EU regulatory framework on establishing liability for damages
caused by AIC (insofar that is present to date), using for example vehicle tracing technology, may
interfere with the right to data protection of consumers of AIC-technology. An analysis will be made
of the harmonized rules on product liability law, followed by a case study of (non-harmonized)
liability for car owners/possessors in the Netherlands. This will show that AIC-technology in itself will
contribute to answering the question as to how to establish liability. For instance AIC equipped with
black boxes,7 or vehicle tracing technology recording (and communicating) sensory information,
decisions of the systems and input from the driver will be used to establish the cause of an action
leading to damage. The fact that AIC technology can also assist in allocating liability may form an
incentive, for instance, to insurance companies to insure certain risks involved in AIC, which may in
turn contribute to development and deployment of the technology. However, the same fact that AIC
will be able to process and store massive amounts of (personal) data, possibly being connected to
other AIC’s, or (interconnected) networks, forms a potential threat to the privacy of its drivers, which
may hinder acceptance of the technology. Finally, this paper will conclude with some remarks on
potential challenges for the EU regulatory framework given the core values of the allocation of risks,
consumer protection and the EU Horizon 2020 ambitions on innovation and economic welfare, in
view of the pending introduction of Autonomous Intelligent Cars.
5
See M. de Cock Buning, ‘The History of copyright protection of computer software, the emancipation of a work of
technology towards a work of authorship’, in: Handbook The History of Information Security (Reed Elsevier International),
August 2007, p. 121-140.
6 See M. de Cock Buning, ‘Auteursrecht en informatietechnologie, over de beperkte houdbaarheid van technologiespecifieke
regelgeving’, (dissertation), Amsterdam: Otto Cramwinckel 1998, and M. de Cock Buning, De mediamachine als zevenkoppig
monster (inaugural lecture Universiteit Utrecht), Otto Cramwinckel: Amsterdam 2006.
7 An option also mentioned in Yeomans 2014, p. 18.
2
Table of Contents
1. Introduction ..................................................................................................................................... 1
2.
Autonomous Intelligent Cars on the EU roads? .............................................................................. 4
3.
Civil liability for damages caused by Autonomous Intelligent Cars ................................................ 6
3.1
A Scenario ................................................................................................................................ 6
3.2
Harmonized framework on Product Liability .......................................................................... 6
3.2.1
Regulatory framework: Core Values of the Product Liability Directive .......................... 6
3.2.2
Addressing the questions under the Product Liability Directive ..................................... 8
3.3
3.3.1
France .............................................................................................................................. 9
3.3.2
Netherlands ................................................................................................................... 10
3.3.3
United Kingdom ............................................................................................................. 11
3.4
4.
Interim observations ............................................................................................................. 12
AIC tracing technology and information privacy ........................................................................... 14
4.1
AIC tracing technology? ......................................................................................................... 14
4.2
Current framework ................................................................................................................ 14
4.2.1
EU Data Protection Directive ......................................................................................... 15
4.2.2
Forthcoming EU General Data Protection Regulation................................................... 18
4.3
5.
Less harmonized: framework on liability for motor vehicles .................................................. 9
Interim observations ............................................................................................................. 18
Summary and conclusions ............................................................................................................. 19
3
2. Autonomous Intelligent Cars on the EU roads?
The European Union aims to promote innovation, which is seen as a key driver of economic welfare
and growth.8 It is observed that, while the EU market is the largest in the world, it is not innovationfriendly enough. The EU Member States are together spending 0.8% of GDP less than the US, and
1.5% less than Japan yearly in research and development.9 A number of measures taken to stimulate
innovation is set out in the Digital Agenda for Europe.10 Investing in the development of robotics in
Europe lists high on the Digital Agenda and it aims to contribute to inter alia productivity and
competitiveness, reindustrialisation, health, environment and security.11 Autonomous Intelligent Cars
form an example of the development of robotics in Europe. Besides furthermore contributing to
safety on the European roads, AIC may be beneficial for efficient use of the road network, may lead
to reducing CO2-emissions and could contribute to mobility of disabled people.12
Not everyone is optimistic about a driverless future. It is stated that while in general AIC will be
beneficial to road safety, other risks will follow from the introduction of autonomous vehicles, which
will (when interconnected) for example be vulnerable to hacking. Also businesses and jobs that rely
on the way in which logistics processes for persons and goods are organised, such as taxi and
transportation markets will change significantly and eventually become obsolete after the
autonomisation of driving.13 It is also observed that accident risks will increase when autonomous
and non-autonomous cars co-exist on the same roads. Furthermore, some are just reluctant to give
up the pleasure of driving.14
Many steps towards automating driving have already been made. Modern cars are often equipped
with some of the following technologies: lane-keep-assistance, electronic blind spot assistance,
traffic jam and queuing assistance, adaptive cruise control, emergency breaking and crash avoidance.
There are prototypes available which are able to drive without someone controlling the car. Google is
currently pioneering self-driving car technology, and has announced to put a fully functioning
prototype of an autonomous intelligent car to road tests (Bay Area, California, United States) in the
beginning of 2015.15 Also in the European Union, car manufacturers concentrate on the development
of AIC-technology.16 For example Scania is testing “Platooning” technology: on 9 February 2015 a
road train of self-driving trucks was deployed on the Dutch roads, which were autonomously
following a human controlled truck heading the convoy.17 Volvo has planned to deploy 100 cars
8
See Communication from the Commission “Europe 2020, A strategy for smart, sustainable and inclusive growth”,
COM(2010) 2020 final.
9 http://ec.europa.eu/research/innovation-union/index_en.cfm?pg=why (accessed 17 March 2015).
10 http://ec.europa.eu/digital-agenda/.
11 Communication […] “Horizon 2020 – The Framework Programme for Research and Innovation”, SEC(2011 1427 & 1428
final, COM(2012) 808 final (Horizon 2020). See also http://ec.europa.eu/digital-agenda/en/robotics.
12 See for example Yeomans 2014, p. 5. Also A. Pawsey & Ch. Nath, “Autonomous Road Vehicles”, Parliamentary Office of
Science & Technology, POSTnote no. 443, September 2013 (POSTnote 2013), p. 1. Available via
http://www.parliament.uk/briefing-papers/post-pn-443.pdf; and E. Palmerini e.a., D 6.2, “Guidelines on Regulating
Robotics”, 22 September 2014 (RoboLaw 2014), p. 42.
13
See for example S. Le Vine & J. Polak, Automated Cars: A smooth ride ahead?, Paper for the Independent
Transport Commission, February 2014, p. 14. Via http://www.theitc.org.uk/docs/114.pdf.
14
See W. Cunningham, “Six reasons to love, or loathe, autonomous cars”, CNET.com 8 may 2013, via:
http://www.cnet.com/news/six-reasons-to-love-or-loathe-autonomous-cars/.
15
http://en.wikipedia.org/wiki/Google_driverless_car, referring to Matt O’Brian, “Google's 'goofy' new self-driving car a
sign of things to come”, Mercurynews.com, 22-12-2014, via http://www.mercurynews.com/business/ci_27190285/googlesgoofy-new-self-driving-car-sign-things.
16 See for instance https://www.media.volvocars.com/us/en-us/media/pressreleases/145619/volvo-car-groups-first-selfdriving-autopilot-cars-test-on-public-roads-around- (Volvo), http://www.pcmag.com/article2/0,2817,2387524,00.asp,
(Volkswagen) http://www.bbc.com/news/technology-25653253 (BMW).
17 See http://www.scania.nl/about-scania/media/platooning/ (accessed 20 March 2015).
4
which are claimed to be able to take over all aspects of driving in Sweden by 2017.18 In Germany, a
part of the A9-Autobahn between Munich and Berlin is reserved for extensive testing of autonomous
vehicles in the coming years.19
First patented "Motorwagen" by Karl Benz in 1886. Via
http://www.automotoportal.com/article/when-did-thefirst-car-come-into-our-lives.
Interior of the Mercedes Prototype F015 Luxury in Motion,
a fully autonomous concept car. Via
http://www.motorauthority.com/news/1029271_thefuture-arrives-early-with-mercedes-f015-autonomous-carconcept-video.
Fully autonomous vehicles are not available to the public yet, and it is predicted that it will take at
least some years if not decades before AIC will be commonplace on the European Roads. The
development of autonomy in cars is observed to be a spectrum. Starting from ‘driver only’, the next
steps toward ‘full autonomy’, a stage in which drivers eventually become redundant, may be
‘assisted driving’, ‘partial autonomy’ and ‘high autonomy’.20
Phases
Driver only
Driver assistance
Partial autonomy
High autonomy
Full autonomy
Levels
A vehicle is fully controlled by a (human)
driver. Some automation may be provided
Steering and/or acceleration are automated.
Other functions are driver-controlled.
The driver does not control
steering/acceleration, but needs to be
attentive at all times, and needs to take back
control instantaneously when required
Vehicles are able to operate autonomously for
some portions of the journey. Transfer of
control back to human drivers happens with
some warning
The vehicle is capable of driving unaided for
the entire journey with no human intervention
– potentially without a human in the car.
Current examples
Cruise control, Electronic Stability
Control, Anti Blocking System
Adaptive cruise control (distance
to car in front maintained), Parking
assistance (steering is controlled,
driver needs to accelerate/brake)
Adaptive cruise control with lane
keeping. Traffic jam assistance
Prototypes
Science fiction (in 2015).
18
See http://blog.caranddriver.com/volvo-has-a-production-viable-autonomous-car-will-put-it-on-the-road-by-2017/.
(accessed 20 March 2015).
19 See http://www.motorauthority.com/news/1096521_germany-plans-autonomous-car-test-program-on-high-speedautobahn. (accessed 20 Marh 2015).
20 These phases and their descriptions (listed in the table), are cited/minimally adapted from POSTnote 2013, p. 2. These
are also used in for example Yeomans 2014, p. 7.
5
3. Civil liability for damages caused by Autonomous Intelligent Cars
3.1 A Scenario
An Autonomous Intelligent Car crashes into a group of students on bicycles at 3 in the
morning, leaving two of them injured and their bikes heavily damaged. The cyclists ignored
a red traffic light. The AIC had, due to a known error, just updated its software for
processing optical sensory information for crash avoidance, but the error-log shows that the
software dramatically failed to operate as it was supposed to. Instead of slowing down the
car, it had accelerated towards the cyclists. Also, the driver may not have been paying
sufficient? attention, given the time of night. Who can be held liable for compensating the
damages of the injured bicyclists?
3.2 Harmonized framework on Product Liability
3.2.1 Regulatory framework: Core Values of the Product Liability Directive
On 25 July 1985 the EEC issued the Directive on the approximation of the laws, regulations and
administrative provisions of the Member States concerning liability for defective products (Product
Liability Directive, PLD), which has been amended once - by Directive 1999/34/EC. The PLD serves
both economic and social goals. The EEC considered on the one hand that harmonization of product
liability law contributes to both the correct functioning of the internal market, thus enabling the
creation of a “level playing field” for businesses.21 On the other hand, it sees to the effective
protection of consumers. It thus seeks to provide a fair apportionment of damages between
manufacturers and persons suffering damages from defective, unsafe, products. The PLD is stated to
be the “result of a complex balancing of interests, […] those interests include guaranteeing that
competition will not be distorted, facilitating the trade within the common market, consumer
protection ensuring the sound administration of justice”.22
The PLD provides a set of rules installing a no-fault23 liability regime for producers, creating rights for
consumers which cannot be limited or waived,24 to seek compensation for damages caused to people
and goods by defective products.25 The regime operates alongside and without prejudice to national
regulations on either contractual or non-contractual liability, “in so far as these provisions also serve
to attain the objective of effective protection of consumers”.26
Its objective is to create a one-stop-shop for consumers who have suffered damages caused by
industrially produced movable goods, including electricity,27 that are defective. Defective are those
products lacking a certain amount of safety “which the public at large is entitled to expect, taking all
circumstances into account, including (a) the presentation of the product; (b) the use to which it
21
See also J. Stapleton, Product Liability, London: Butterworths 1994 (Stapleton 1994), p. 61.
ECJ 25 april 2002, C-52/00 (Commission/French Republic), paragraph 29, also cited in a similar context in C. van Dam,
European Tort Law, Oxford: Oxford University Press 2006 (Van Dam 2006), p. 371.
23 The PLD is not generally considered to provide a strict liability regime, since it leaves room for producers to exonerate
themselves based on defenses as to the non-discoverability of defects, and the possibility to reduce liability based on fault
(contributory negligence) by consumers of defective products. See also Stapleton 1994, p. 236-237.
24 Article 12 PLD.
25 See the –non-numbered – considerations of the Product Liability Directive.
26 Article 12 PLD as well as the considerations at this point.
27 Article 2 PLD.
22
6
would reasonable be expected that the product would be put”, and “(c) the time when the product
was put into circulation”.28 As long as consumers can prove the defect, the damage and the causal
relationship between those two criteria,29 compensation is to be sought not only from the actual
producer, but also from amongst others the importer, the manufacturer of raw material and
components and the end-supplier of the defective product.30 The losses covered for in the PLD may
consist in damage caused by death or personal injuries, and damage to items intended and/or used
for private consumption by the injured person, other than the defective product itself “with a lower
threshold of 500 ECU”31 (Euro). However, whenever damages are caused by both a defective product
and a fault of the person suffering damage (defined in the considerations as “contributory
negligence”), this may lead to reduction or disallowance of liability of the producer. Liability for
producers may be exonerated, when for instance “it is probable that the defect which caused the
damage did not exist at the time when the product was put into circulation or that this defect came
into being afterwards”.32
Furthermore, the PLD states33 that a producer cannot be held liable when “the state of scientific and
technical knowledge at the time when he put the product into circulation was not such as to enable
the existence of the defect to be discovered”.34 In the context of this paper, it is relevant to elaborate
a bit further on this ‘state of the art’-defence. It can be questioned what is considered to form the
“state of scientific and technological knowledge” that must be taken into account in assessing the
discoverability of defects. Stapleton suggests three categories, of: a) defects – absolutely –
undiscoverable given the state of the art; b) defects that were discoverable, however only by
extraordinary means; and c) defects discoverable by reasonable, ordinary means.35 Stapleton
furthermore argues that it would be fair to adhere to the third category, which would be in line with
the implemented text of 7(e) PLD in the United Kingdom.36 This provision reads: “…that the state of
scientific and technical knowledge at the relevant time was not such that a producer of products […]
might be expected to have discovered the defect if it had existed in his products while they were
under his control”.
The ECJ concluded that the wording of the UK-implementation was not manifestly contrary to the
Directive, but that the “argument [of the UK, (RW)] that such national provision permits account to
be taken of the subjective knowledge of a producer taking reasonable care, having regard to the
standard precautions taken in the industrial sector in question, selectively stresses particular terms
used in the provision without demonstrating that the general legal context of the provision at issue
fails effectively to secure full application of the directive.”37 The ECJ points out that a producer
relying on the 7(e)-defence, must prove that the objective, most advanced state of the art, not
limited to the industrial sector concerned, was not “such as to enable the existence of the defect to
28
Article 6(1) PLD.
Article 4 PLD.
30 Article 3 and 5 PLD.
31 Article 9(b) PLD.
32 Article 7(b) PLD.
33 This is a minimum-harmonization provision, allowing states to take regulatory measures allowing the establishment of
liability for producers even when can be proved that a defect could not have been discovered based on the state of the
scientific and technological knowledge at the time a product was put into circulation, see Article 15(1)(b) PLD.
34 Article 7(e) PLD.
35 Stapleton 1994, p. 239.
36 Stapleton 1994, p. 242.
37 ECJ 29 May 1997, C-300/95, Commission/United Kingdom.
29
7
be discovered”,38 as long as that knowledge had been accessible at the time when the defective
product was put into circulation.
Despite this judgment, there still is no consensus amongst EU Member States on the application of
the state of the art defence, concluded the European Commission in 2011.39 Some member states
even argue in favour of removing this liability exclusion clause from the Directive, for that would lead
to a better functioning of the internal market. Industry and insurance companies point out that
when such should happen, this would have a direct negative impact on the speed of innovation and
the development of new products, and lead to higher insurance costs.40
3.2.2 Addressing the questions under the Product Liability Directive
Defective product
The scenario sketched in paragraph 3.1 provides that there was a failed update to fix the error in the
software processing data from sensors placed on the exterior of the car, which measure the distance
between the car and (speed, distance and direction of) other objects surrounding it. This sensory
information provides input to a mechanism able to interfere with the systems controlling the
direction and the speed of the car on the road, which are able to actuate an emergency-stop of the
car, in case objects get into a too close range. Assuming that this is one of the key safety systems of
Autonomous Intelligent Cars, the question can be addressed whether or not the AIC was at the time
of the accident lacking the amount of safety “which the public at a large is entitled to expect”.
Although the scenario does not provide much detailed information on the actual ‘defect’ and other
relevant circumstances, one may assume that “the public at a large” should expect an accurate link
between systems processing sensory information on speed, distance and direction of other objects
on the road and the systems controlling the speed and direction of the car itself. And, if such
connection fails, that the driver of a car is properly informed of the existing safety failures. Should
that not be the case, victims may be able to prove the existence of a defective product.
Damage: personal injury or damage to private property
The scenario draws that the accident led to both personal injuries and damage to private property,
which are the (only) two categories of damage that may be compensated on behalf of the Product
Liability Directive. One should note that for instance compensation for damage to the AIC itself
cannot be sought from the manufacturer based on the PLD. Furthermore, no damages have to be
paid below the amount of € 500,-.
Causal relationship
The Product Liability Directive does not provide a definition of causality, which is (thus) left to the
Member States. Various concepts of causation are used, although in every jurisdiction a “condition
sine qua non” (CSQN)-test is applied to establish links between conduct or cause and damage.41 The
CSQN-test asks the question whether or not damage would also have occurred without a certain
occurrence, being for instance a conduct or negligence. In ‘our’ case, a CSQN-test may be formulated
as follows: would the damages to the cyclists and their bikes also have occurred without the defect in
the sensory information processing software in the AIC? Given for instance the circumstance that the
cyclists ignored a red traffic light – which in case they didn’t may well have prevented the accident,
and the suggested fatigue of the driver who may otherwise have had interfered with the self-driving
mechanism, this may not be established easily.
38
Idem.
Fourth report on the application of Council Directive 85/374/EEC of 25 July 1985 on the approximation of the laws,
regulations and administrative provisions of the Member States concerning liability for defective products amended by
Directive 1999/34/EC of the European Parliament and of the Council of 10 May 1999, COM(2011), 547 final, (Fourt Report
PLD) p. 9-10.
40 Idem.
41 See Van Dam 2006, p. 266-268.
39
8
Contributory negligence
Linked to the causality question, the PLD provides that liability of the producer may be reduced or
disallowed when the injured person contributed to the causation of damages. The facts that the
cyclists didn’t obey the traffic rules and the driver’s condition, may well constitute a reason for at
least the limitation of liability of the producer.
Defences
It is questionable if for instance the “state of the art”-defence would lead to an escape from liability
of the producer – should it be established. The producer of the AIC depicted in the 3.1-scenario must
then prove that the state of the “scientific and technical knowledge was not as such as to enable the
existence of the defect to be discovered”. He may state that the objective state of the art could not
reasonably foresee the existence of the error, and that as soon as this error surfaced, he provided a
“bug fix” – which was applied to the car.
In order to provide some appropriate guidelines for answering the proposed questions, more
information would be required on the exact (mal)functioning of the initial software, the ‘bug fix’, the
behaviour of the driver influencing the behaviour of the AIC, and the behaviour of the unfortunate
cyclists, to draw more accurate conclusions as to the causal relationship between the defect and the
damages, contributory negligence and the state of the art defence. These kinds of factual
information are to date not easily (re)constructed after an accident took place – but may be in the
future. See for example the possibilities a ‘black box’ could offer in paragraph 4.
3.3 Less harmonized: framework on liability for motor vehicles
Despite the EC’s attempt in 2002,42 there is currently no framework in place harmonizing rules on
liability for damages following from incidents with motor vehicles in general, which is thus
individually addressed by the legal regimes of the Member States. The European Commission has
issued six Directives on Insurance for motor vehicles, of which one is still in force to date.43 The
Motor Insurance Directive44 regulates civil liability insurance for motor vehicles throughout the EU
Member States, without setting material norms for determining and apportioning liability.
3.3.1 France
In 1985 the French bill “tendant à l’amélioration de la situation des victimes d’accidents de la
circulation et à l’accélération des procédures d’indemnisation", the Loi Badinter, was enacted. Its
objectives are to compensate the victims of all traffic accidents in which a motor vehicle is involved,
to reduce the amount of procedures before court and the large amount of ‘unfair’ transactions
between insurers of motorists and victims of traffic accidents.45
The Loi Badinter installed a very strict no-fault liability regime for drivers of motor vehicles which are
involved in traffic accidents, obliging the drivers to compensate damages suffered by all “victims
other than drivers”.46 Article 3 reads: “Les victimes hormis les conducteurs […] sont indemnisées des
dommages résultant des atteintes à leur personne qu’elles ont subis, sans que puisse leur être
42
Its attempt was to harmonize rules on liability for damages caused by motor vehicles to (non-motorized) cyclists and
pedestrians, see Van Dam 2006, p. 369.
43 See for an overview: http://ec.europa.eu/finance/insurance/legislation/index_en.htm#maincontentSec8.
44 Directive 2009/103/EC Relating to insurance against civil liability in respect of the use of motor vehicles, and the
enforcement of the obligation to insure against such liability
45 See A. Tunc, “The ‘Loi Badinter’ – Ten Years of Experience, Maastricht Journal of European and Comparative Law, vol. 3,
1996 (Tunc 1996), p. 329-311.
46 See Tunc 1996, p. 330.
9
opposée leur propre faute”. One exception to the driver’s liability is formulated: “à l ’exception de
leur faute inexcusable si elle a été la cause exclusive de l’accident”, only in case an accident is caused
by the inexcusable fault of the victim, the driver does not have to compensate the damages. The Loi
Badinter furthermore provides that if victims are younger than 16 years of age, older than 70 or at
least 80% invalidated, they are to receive full compensation.
One of the major rationales for the French legislator to implement this strict liability system for
motorists, it is stated to be that it is often hard, if not impossible to establish the exact cause of an
accident, and the level to which a conduct or negligence of the victim had contributed to the
accident.47
The rules of the Loi Badinter have been explained by and further developed in case law. It became
clear that also vehicles that are not actively involved in an accident, for instance parked cars,48 or cars
not involved in the accident at all, which were in the proximity of the accident,49 may fall under its
scope, which Tunc describes as “any kind of relation between the car and the accident is sufficient to
create the insurers duty”50 to compensate damages. The inexcusable fault of a victim, limiting the
drivers’ liability is very narrowly construed: only if the driver can prove that a victim intentionally
caused the accident and the damages related thereto, the driver can escape from liability. For
instance the case in which a victim who wore dark clothes at night, who was walking in the middle of
the road, drunk, trying to fetch a lift home, and who was eventually caught by a car, still led to the
liability of the driver. Tunc observes that “For practical purposes, the exception to automatic
protection of non-driver victims has been eliminated from the law”.51
Under the French liability regime, one may conclude without much doubt that the driver of the
Autonomous Intelligent Car can be held liable for the damages done to the cyclists and their bikes,
albeit their disobeying the traffic rules.
3.3.2 Netherlands
In the Netherlands, the Wegenverkeerswet (WVW) provides rules for assessing liability for damages
caused by motor vehicles. Article 185 WVW installed a (semi) strict-liability system, which states that
the owner or keeper of a motor vehicle can be held liable for damages to goods and persons, other
than those inside a motor vehicle, caused by an accident in which a motor vehicle is involved, while
driving on a public road. Compensation for damages suffered by victims inside a motor vehicle is
governed by the general rules on liability, stated in article 6:162 of the Dutch Civil Code. Keepers or
owners of motor vehicles can escape from liability proving force majeure: occurrences of which not
the driver but rather the victim, or a third party must be accounted for, causing the accident – and
the damages following from it. Force majeure is not easily accepted: the driver of a motor vehicle
must prove that he cannot be blamed at all, and that the accident was caused solely by “improbable
and unforeseeable behaviour of others”, which the driver could not reasonably take into account. In
that respect, it must be noted that drivers of motor vehicles have to anticipate the incautious
47
See Tunc 1996, p. 333: “… it is often difficult, practically, to judge it [the victim’s behaviour, RW] and decide whether it
was impeccable, erroneous or faulty. Most of the time, the circumstances of the accident are not clear enough to permit a
judgment”.
48 See for a overview of case law on this point Van Dam 2006, p. 360, footnote 28.
49 See Van Dam 2006, p. 360.
50 Tunc 1996, p. 335.
51 Tunc 1997, p. 335.
10
behaviour of other traffic participants.52 The bus driver who hit a bicyclist did not reasonably need to
expect the behaviour of the cyclist ignoring a red traffic light, while the chauffeur drove slowly (3035 km/h), passing a green traffic light.53
Should the driver not be able to prove force majeure, the Dutch system sets strict rules on the
apportionment of damages to be paid to victims of accidents in which motor vehicles are involved. At
least 50% of the damages needs to be compensated by the owners or keepers of motor vehicles. In
the apportionment and the allocation of damages amongst the parties involved in the accident,
judges take into account if, and to what extent, the ‘own fault’ of the victim contributed to the
accident. Percentages of ‘causality’ between the motorists and victim are first taken into account,
assessing to which extent behaviour of both parties contributed to the origination of the accident in
an objective manner, which can afterwards be ‘corrected’ if reasonableness requires so. Case law of
the Supreme Court of the Netherlands provides that the ‘correction for reasonableness’ implicates
that whenever a victim is younger than 14 years of age, he will receive 100% compensation, unless
intent or gross recklessness at the victims’ side can be proved.54 For victims older than 14, the
Supreme Court formulated the 50%-rule: reasonableness requires that even when the victim
contributed to the accident (but not in such way that this would constitute force majeure), at least
50% of the damages are to be compensated by the motorist. The ‘Betriebsgefahr’, or dangers
involved in and inherent to the operation of a motor vehicle on the public road forms the rationale of
this rule.55 For the other 50% of the damages, first the causality is assessed, which can in turn be
corrected for the sake of reasonableness.
Considering the scenario, it can be predicted that at least 50% of the damages of the bicyclists must
be remunerated by the AIC-driver, given the current WVW-regime, for there is ‘Betriebsgefahr’
involved in operating motorised vehicles. Force majeure will be hard to prove, since the case suggests
some fatigue at the side of the driver, that he could have noticed the cyclists, and that not only the
victims are to blame for causing the accident. It can be objectivised that also the cyclists had part in
causing the accident, for they ignored the traffic rules, and crossed a red light. It is hard to predict
the outcome of the assessment of a reasonableness correction, although it could very well be that
also the cyclists have to take their share in compensating the damages.
3.3.3 United Kingdom
In the United Kingdom, the liability regime for damage inflicted by motor vehicles is based on
negligence rules. There is no strict-liability regime in place, although the standard of care required
from drivers of motor vehicles is rather high. Case law explains that a driver losing his conscience
without his fault was acting negligently,56 and so did the driver whose brakes failed, while this failure
52
See for instance T. Hartlief, “Hoofdstuk 5 Aansprakelijkheid voor motorrijtuigen”, in: J. Spier, T. Hartlief, A.L.M. Keirse,
G.E. van Maanen and R.D. Vriesendorp, Verbintenissen uit de wet en Schadevergoeding, [AANVULLEN], (Hartlief JAAR), p.
165-166.
53 Supreme Court of the Netherlands 22 May 1992 (ABP/Winterthur), NJ 1992/527.
54 Supreme Court of the Netherlands 31 May 1991 (Marbeth van Uitregt), NJ 1991/721. See also Supreme Court of the
Netherlands 1 June 1990 (Ingrid Kolkman), NJ 1991/720, furthermore Hartlief JAAR, p. 163-164.
55 Supreme Court of the Netherlands 2 June 1995 (Marloes de Vos e.a.), NJ 1997/700-702, and 5 December 1997 (Saïd Hyati
e.a.), NJ 1998/400-402. The notion of ‘Betriebsgefahr’ is borrowed from the German Straβenverkehrsgesetz.
56 Roberts v. Ramsbottom [1980] 1 WLR 823, also cited in Van Dam 2006, p. 364, footnote 52.
11
could not have been foreseen.57 However, victims of accidents caused by motor vehicles have to
prove that the drivers were at fault, that is: acting negligently.
There is one rule of statutory duty that sets to some degree a strict liability for drivers of motor
vehicles approaching a crossing in the road: “The driver of every vehicle approaching a crossing shall,
unless he can see that there is no passenger thereon, proceed at such speed as to be able if
necessary to stop before reaching such crossing”.58 A defence that a driver has in this respect is force
majeure.
Drivers being held liable motivated with claims concerning negligence at their side, may defend
themselves by stating contributory negligence of victims, regardless their age.59 The English system
differs significantly from most other EU regimes on liability for motor vehicles. In the first place,
victims have to prove the negligent conduct of the driver who caused them harm, whereas in for
instance the Netherlands and France there is a strict/no fault liability regime for either
owners/keepers of motor vehicles, or drivers of motor vehicles involved in an accident.
Furthermore, English drivers may invoke a contributory negligence claim, which may – in theory –
free them from liability, while this is (almost) impossible in France, and in the Netherlands this may
lead to a maximal reduction of 50% of the liability of owners/keepers of motor vehicles causing
damage to non-motorised traffic participants.
It cannot be easily predicted how the English system would qualify matters as explicated in
paragraph 3.1. The three bicyclists have to prove that the driver was acting negligently – however
that shall be hard for them to prove. The driver may rely on the reported technical state of his
vehicle. It can be in his favour to show that his vehicle passed all necessary tests and certifications,
and that the defect in the sensory software was beyond his control. Furthermore, the driver could
argue contributory negligence of the cyclists, whose behaviour was contrary to traffic rules after all.
3.4 Interim observations
The regimes on (harmonized) product liability and on (non-harmonized) liability for damages caused
by accidents in which motor vehicles are involved, have not been drafted with the emergence of
Autonomous Intelligent Cars ‘in mind’. Most of these regimes use a concept of causality for
determining and allocating liability. The notion that cars are becoming more ‘autonomous’, and thus
less rely on the input of human operators, and that these cars are increasingly ‘intelligent’, able to
operate in changing environments, proposes a challenge in terms of determining causality. A higher
level of autonomy may implicate that it is harder to establish the exact cause of a damage inflicting
accident. In the sketched scenario, it is hard to prove the relationship between the failed self-update,
the behavior of the driver and the damage to the bicyclists disobeying traffic rules. For a claimant, it
will be an uneasy task to underpin a claim towards the producer of the car: to prove that the AIC was
defective, and that the defect caused or contributed to the origination of the accident. Whereas in
most EU jurisdictions the driver or holder of a vehicle will be held (strictly) liable for at least a portion
of the damages caused by accidents in which AIC are involved, autonomous intelligence makes it
57
Henderson v. HE Jenkins & Sons and Evans [1970] AC 282, cited in Van Dam 2006, p. 364, footnote 53. Van Dam further
takes notice of Worsley v Hollins [1991] RTR 252 (CA), in which the judges held that the victims claim for negligence failed,
for the defendant could prove that although his braking systems failed causing damage, his minibus was recently serviced
and passed the MOT.
58 Cited in Van Dam 2006, p. 365, footnote 57, referring to Reg. 3 of the Pedestrian Crossing Places (Traffic) Regulations
1941, replaced by the Zebra Pedestrian Crossing Regulations 1971, SI 1971, No. 1524.
59 Van Dam 2006, p. 375 notices that “it is hard to establish contributory negligence of young children under the age of 7”.
12
difficult to establish the respective influences on the origination of the event causing damages, and
therefore the definitive apportionment of liability.
Uncertainty regarding causation of damages could lead to reluctance of developers to innovate in
this field, for legal uncertainty will follow from the fact that it will be harder to calculate liability risks
in this respect. Legal uncertainty is observed to often form an impediment to innovation.60
Willingness of consumers to adopt AIC technology may also depend on the question whether or not
liability for damages caused by autonomous vehicles they own or drive can be insured. Introduction
of AIC thus proposes challenges in terms of the current regulatory framework. Problems in this
perspective may interfere with the very objective of liability regimes to fairly apportion risks. A
regulatory solution could be to install a regime of strict no-fault liability for damages in which AIC are
involved, for drivers or owners of these vehicles, and a more strict product liability regime. With
regard to liability of owners and/or drivers of AIC, it would therefore be necessary to harmonize the
respective liability regimes of Member States, which has not proven successful in the past at this
specific topic. Furthermore, a too stringent liability regime for producers is also observed to form an
impediment to innovation.61
Besides optimizing the regulatory framework on liability for damages in which AIC are involved, a
practical contribution to a solution of determining the causation of damages could be to equip these
vehicles with tracing mechanisms, recording and/or sharing movements and control-actions of these
vehicles.
60
See for example J. Pelkmans & A. Renda, “Does EU regulation hinder or stimulate innovation”, CEPS Special Report No.
96/2014 (Pelkmans & Renda 2014), p. 8.
61 K. Horsey & E. Rackley, Tort Law, Oxford: Oxford University Press 2013, p. 363.
13
4. AIC tracing technology and information privacy
4.1 AIC tracing technology?
Insurance companies sketch that the emergence of Autonomous Intelligent Cars could lead to a shift
in motor car insurance. While the advent of AIC technology is promising in terms of increased safety
on the roads, resulting in less damage to be covered for, it is also thought that severity of accidents
may increase the amount of damage caused by AIC accidents.62 They also observe that accidents
caused by autonomous technology “would need extensive software and hardware analysis expertise
in order to how and why it occurred”.63 One of the options to assess the cause of an accident, and
therefore to aid in answering the question of where liability lies, could be to equip vehicles with black
boxes, or with telematics technologies connecting AIC to a dedicated infrastructure, and/or to
remote servers.64 Objectives of these types of technologies are amongst other things to record
movements of autonomous cars, and operational choices that are made by either the car itself or the
driver controlling its movement, as well as data concerning events and objects in the vicinity of an
autonomous vehicle. While black box technology would be in a way similar to the functionalities that
airplanes are currently being equipped with, leaving the gathered data inside the vehicle and offering
a potential for assessment for instance after an accident took place, telematics technology may have
wider applications. Telematics technology could not only be used for assessing errors and damage
causes after accidents have happened, it could even contribute to preventing accidents from
happening. Examples of telematics technology for that purpose, are Vehicle-to-Vehicle
communication (V2V), for collision prevention between cars, and Vehicle-to-Infrastructure
communication (V2I), for “safety, mobility and environmental benefits” in general.65 V2I are to
“provide continuous, real time connectivity”66 in the operation of AIC on the roads. Although black
box technologies and telematics solutions as V2V and V2I communication may be promising in terms
of preventing accidents and distributing damages caused by AIC-accidents, the right to information
privacy of people inside and surrounding cars equipped with these kinds of technology (error tracing
technology), should be carefully observed.
4.2 Current framework
Privacy has been defined by Warren and Brandeis in 1890 as “the right to be left alone”.67 It is the
fundamental right of citizens that sees to the protection of a (both virtual and physical) personal
sphere, in which neither the government nor other citizens should interfere without permission.
Many forms and types of privacy have been recognized in literature. These can be categorized for
instance as relational privacy (comprising communicative, physical, medical and spatial privacy),
versus information privacy.68 Information privacy is the right to control the use of the personal
information held by others than the individual it concerns. It is this kind of information that can be
62
See for instance Yeomans 2014, p. 15, 18, and also A. Sharman, “Driverless cars wait for green light”, FT.com, 8 December
2014, via http://www.ft.com/cms/s/0/6572716e-7565-11e4-a1a9-00144feabdc0.html#axzz3TbnUD5DB (Sharman 2014).
63 Yeomans 2014, p. 18.
64 Yeomans 2014, p.18. Also Sharman 2014. See furthermore J.M. Anderson and others, Autonomous Vehicle Technology –
A Guide for Policymakers, RAND Transportation, Space and Technology Program 2014, (RAND-report), p. 94-95.
65 RAND-report, p. 81.
66 Idem.
67 S. Warren & L. Brandeis, “The Right to Privacy”, Harvard Law Review no. 4, 193, 1890.
68 See for a different view for instance R. Finn & D. Wright, “Seven Types of Privacy”, Selected works of Michael Friedewald
2013 (Finn & Wright 2013), via http://works.bepress.com/cgi/viewcontent.cgi?article=1070&context=michael_friedewald
(last accessed on 11 March 2015), who distinguish between Privacy of: the person; behaviour and action; communication;
data and image; thought and feelings; location and space; and association. See also D.J. Solove, Understanding Privacy,
Cambridge (Mass.): Harvard University Press 2008 […].
14
collected, processed and stored through AIC tracing technology. In the European Union, a regulatory
framework is in place harmonizing the (informational) privacy of citizens. Article 7 of the Charter of
Fundamental Rights of the European Union (Charter), which is an integral part of the Lisbon Treaty,
states that “Everyone has the right to respect for his or her private and family life, home and
communications”.69 Article 8(1) Charter adds that “Everyone has the right to the protection of
personal data concerning him or her”. 8(2) specifies that such data should only be processed for
specified purposes, which may only be done after the consent of the person concerned, or on
another basis “laid down by law”. Furthermore must everyone have access to the collected personal
data, and everyone must have the right to rectify the data. Paragraph 3 adds that an independent
supervisory authority should see to the compliance with the rules.
4.2.1 EU Data Protection Directive
There are a number of? harmonization directives providing more detailed rules on information
privacy, of which the Data Protection Directive dating from 1995 (DPD) forms the core.70 This Data
Protection Directive is currently being revised, and will eventually be replaced by the Data Protection
Regulation, which shall have a direct effect in the Member States.71
4.2.1.1 Core values
The objectives of the DPD are mainly twofold: It seeks to create a free movement of personal data
between the Member States, which has positive effects for the EU internal market, while on the
other hand it sets strict rules for the processing of personal data, in line with the protection of the
fundamental right to privacy of EU citizens.72 The protection of privacy in general, and personal data
specifically, are observed to be beneficial for consumers trust in for instance cross border industry
development, and thus innovation and growth.73
The DPD applies to the processing of personal data by both analogue and digital means.74 Personal
data are defined as “any information relating to a identified or identifiable natural person”, a datasubject. A person is identifiable when an individual can be identified, directly or indirectly, “in
particular by reference to an identification number or to one or more factors specific to his physical,
physiological, mental, economic, cultural or social identity”.75 Processing personal data is defined
very broadly, any action or “operation” with regard to personal data, such as the collection, storage,
adaptation and deletion are considered as processing.76 Persons (either legal or natural) processing
data are “controllers” in sense of the DPD, those who process personal data on behalf of controllers
are called “processors”.77 Personal data may only be processed “fairly and lawfully”,78 and may only
69
This text differs a little from article 8 of the European Convention of Human Rights, which is also applicable in all EU
Member States.
70 Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals
with regard to the processing of personal data and on the free movement of such data. For an overview of the applicable
EU regulatory framework on data protection, see http://ec.europa.eu/justice/data-protection/law/index_en.htm.
71 See for the proposed text of the General Data Protection Regulation http://ec.europa.eu/justice/dataprotection/document/review2012/com_2012_11_en.pdf. See for the most recent amendments (last accessed on 12 March
2015): http://lobbyplag.eu/governments/gdpr.
72 See for instance preambles 1-11 to the DPD.
73 See also the Position Paper by Ecommerce Europe, “Privacy and Data Protection, Safety and Transparency for Trust and
Consumer Centrality, 2014] (Position Paper 2014), p. 3.
74 Art. 3(1) DPD.
75 Art. 2(a) DPD.
76 Art. 2(b) DPD.
77 Art. 2(d) and (e) DPD.
78 Art. 6(1)(a) DPD.
15
be collected for “specified, explicit and legitimate purposes”, processing should always be in line with
these purposes.79 Fair and lawful processing of data may be the case if for instance a data subject
gave his unambiguous consent, if it is necessary for the performance of a contract the data subject
entered into, or if processing is necessary to comply with legal obligations of processor.80 Special
categories of data, concerning inter alia the race, ethnicity, political opinions, religion, health and sex
life of a data subject, may not be processed unless the data subject has for instance given his explicit
consent, the processor is carrying out obligations of employment law, or processing relates to data
which had been made manifestly public by the data subject.81 As a remedy for damages of the data
subject that relate to unlawful processing of personal data, the DPD provides that the controller is
liable for compensation of these damages, unless he can prove not to have been responsible for the
damage causing event.82 Furthermore, Member States are to set up a supervisory authority to inter
alia enforce compliance with the DPD-rules, who are also equipped with “effective powers” to
investigate and interfere with activities that are carried out contrary to the rules.83
4.3.1.2 Co-regulated: appropriate measures for protection and exporting personal data
With regard to processing personal data through networks such as the Internet, the Data Protection
Directive provides that there are certain measures to be taken to protect the integrity of data, and at
the same time it imposes limits to the export of data to countries which have a lower level of
protection than the EU Member States.
The DPD states that controller should implement “appropriate technical and organizational measures
to protect personal data against accidental or unlawful destruction or accidental loss, alteration,
unauthorized disclosure or access, in particular where the processing involves the transmission of
data over a network, and against all other unlawful forms of processing.”84 Security state of the art
and implementation costs must be taken into account for the implementation of measures.
Furthermore, these “shall ensure a level of security appropriate to the risks represented by the
processing and the nature of the data to be protected”. The DPD does not define or indicate when
measures are “appropriate”, and is merely left to the Member States. In the Netherlands for
example, the national law on the protection of personal data (Wet bescherming persoonsgegevens,
which implements the DPD), has delegated this partly to co-regulation by the supervisory authority
(College Bescherming Persoonsgegevens), who drafted policy guidelines for assessing the
appropriateness of technical and organizational measures for the protection of data.85
With regard to the export of personal data, the DPD provides that in principle the transfer of data to
third countries, may only take place if that third country ensures an adequate level of protection.
Should data be exported to non-EEA countries, the European Commission must be consulted to
verify whether or not the importing country offers adequate protection.86 For example the United
States of America, who do not have a regime similar to the DPD, do not guarantee an adequate level
of protection in view of the DPD, according to the EC. However, in collaboration with the US
79
Art. 6(1)(b) DPD.
Art. 7 DPD.
81 Art. 8 DPD.
82 Art. 23 DPD.
83 Art. 28 DPD.
84 Art. 17(1) DPD.
85 See for instance Richtsnoeren Bescherming Persoonsgegevens 2013, via https://cbpweb.nl/nl/richtsnoeren-beveiligingvan-persoonsgegevens-2013.
86 Art. 25 DPD.
80
16
Department of Commerce, the EC has developed a “safe harbour” framework of principles and
frequently asked questions.87 US companies and institutions complying to the safe harbour rules, are
considered to guarantee an adequate level of protection in sense of the DPD, and are therefore
allowed to ‘import’ personal data from the EU.
4.2.1.2 Qualification of AIC tracing technology
Are the data collected and processed using black box or telematics technology in Autonomous
Intelligent Vehicles personal data? This may be the case if these data identify or can, even indirectly,
identify a natural person. Location data of AIC do not directly identify a natural person. However, it
can be (easily) constructed on the basis of combined data that for instance location data of the AIC
on working days between 8.00 and 8.30, plotting the route from A (a house address) to B (a certain
office address), can identify the owner of a vehicle who happens to live at A and work at B. In that
case, these location data logged in a black box, or communicated and stored somewhere in the cloud
through for instance V2I communication, are considered personal data. Should not only location data
be processed, but for example the vehicle be equipped with camera’s monitoring the behavior of
people inside, and maybe even in the surroundings of the car, data are recorded representing natural
persons, who can be directly identified from the images. For also the race of the filmed persons can
be deducted, these form special category data. Processing data, such as location data, for instance
through recording and storing (in a black box), and/or through real time communicating with other
vehicles (V2V) or an infrastructure (V2I) is only allowed insofar this is done on a legal basis, as long as
processing takes place for a specified lawful goal. It is at least questionable if the general processing
of “all data available” generated through AIC tracing technology would be proportional to a goal of
for instance accident prevention or analysis.
A legal basis may for example stem from specific applicable legislation, which is to date not in place
regarding autonomous vehicle information in the EU.88 Without a basis in legislation, controllers,
such as manufacturers, insurers, employers or road supervisory authorities, should for example
obtain the permission of the individuals (drivers, but maybe also passengers, and people outside the
vehicle) in order to comply with the requisite “fair and lawful” basis for processing. Processing special
category data is more strictly regulated: this may not take place in principle, unless a legal exception
allows this specific processing, which may be the case inter alia if data subjects gave their explicit
consent.
Personal data must be stored (either in black boxes or on Internet-servers) under such conditions
that appropriate measures have been taken to protect these from amongst other things loss
(deletion) and alteration, or from being hacked into. It is not clear on beforehand which measures
are deemed appropriate, as a harmonized approach on this subject is to date not available. National
regulations can be relevant in assessing the appropriateness of technical and organizational
measures. Furthermore, AIC-data may only be processed in connection with a specified goal. Before
87
See 2000/520/EC: Commission Decision of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and
of the Council on the adequacy of the protection provided by the safe harbour privacy principles and related frequently
asked questions issued by the US Department of Commerce, via http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000D0520:EN:HTML.
88
In Germany, car manufacturers (Verband der Automobilindustrie) are developing “Data Protection Principles
for Connected Vehicles”, which may eventually form input to a specific legal basis for the processing of vehicle
data. See https://www.vda.de/en/topics/innovation-and-technology/network/Data-Protection-Principles-forConnected-Vehicles.html for a recent version of the Principles.
17
collecting, processing and storing these data, data subjects must be informed for which goal(s)
personal data will be used.
Export of personal data, when this data are for example sent over the Internet, or stored in (cloud)
servers outside the country in which the processing originated, should in principle not take place
outside the European Economic Area, unless the country to which data are transferred offers an
adequate level of protection. This implicates that data may only be transferred to the United States if
the company importing the data complies to the Safe Harbour rules.
4.2.2 Forthcoming EU General Data Protection Regulation
Some observations can be made considering the forthcoming General Data Protection Regulation
(GDPR), although it’s text is not yet definitive.89 The GDPR will be applicable to every company who
wants to operate on the European market. It will state that ‘privacy by design’ and ‘privacy by
default’ are general principles. Privacy must be taken into account from the beginning of the
development of new services, and that the default settings of these services must be ‘privacy
friendly’. A risk assessment with regard to privacy issues must be made in advance. Furthermore,
data subjects are to be equipped with more rights, for instance with regard to access to data, and
they will get a (non-absolute) right to erasure of their data from systems. The rules will incorporate
some level of flexibility, and are to be applied more strictly towards for instance multinationals than
to smaller enterprises. Supervisory authorities will gain more effective powers to enforce the rules:
fines up to 5% of the annual worldwide turnover of a non-compliant company, or whenever greater,
a fine of € 100.000.000,- can be imposed.
4.3 Interim observations
Rules regarding the information privacy of EU citizens are strictly protected within the European
Union and will become more stringent in the near future. The privacy regime creates a framework in
which at the same time intercommunal trade is facilitated, while consumers’ privacy rights are
guaranteed, also when data of EU citizens are exported to non-EU countries. Strong safeguard of
information privacy, and transparency with regard to the rules are observed to form a driver for
consumers’ trust, and their adaptation of new services. At the same time, the current – and
forthcoming regime(s) may form a challenge for development of autonomous intelligent cars to be
equipped with for instance tracing mechanisms. It is for instance not (yet) clear which measures are
considered appropriate for the protection of personal data, to be taken by controllers and
processors, for assessing these measures is left to the individual regimes of Member States. On a
national level, also co-regulation and policy instruments are used in this respect, which does not
necessarily contribute to transparency and legal certainty. In combination with a) uncertainty
regarding the final text of the GDPR and b) for instance the high fines that can be imposed after the
GDPR will come into effect, could be observed to form a challenge for AIC developers.
89
See also: http://europa.eu/rapid/press-release_MEMO-14-186_nl.htm (accessed 17 March 2015)
18
5. Summary and conclusions
The development and deployment of Autonomous Intelligent Cars in the European Union can
contribute to the EU ambitions of innovation and growth. It is foreseen that this developments
towards a fully autonomous vehicle will take place in several steps. Eventually, AIC can be defined as
vehicles capable of perceiving data and information, which are able to learn and make decisions
based upon their experience, used for transportation of goods or people to a certain destination
without the need of human intervention. Autonomous intelligence implies legal challenges. With
regard to liability law, it is observed that autonomous decisions of a vehicle can be an extra factor in
assessing the cause of damages following from accidents in which AIC are involved. Autonomy will
make it harder to pinpoint the factors and their respective shares in the origination of damage
inflicting situations. Establishing causation often is crucial for determining liability for damages,
unless a (strict/no fault) liability regime allocates liability irrespective of damage causing behaviour.
The Product Liability Directive states as a general rule that producers are liable for defects in their
products causing damage. This is not a ‘pure’ strict liability regime, which is illustrated by the fact
that there are several defences a producer may invoke, and that liability of the producer may be
reduced or disallowed when the injured person contributed to the causation of damages. The nonharmonized regulatory frameworks of the Member States on liability for accidents in which motor
vehicles are involved vary from strict no fault liability systems (France) to negligence based systems
(England). Most EU jurisdictions have incorporated causation principles for determining liability to a
certain extent. AIC may form a complicating factor in this respect, for it may become harder to
predict liability risks for producers, and inter alia drivers, third parties and their insurers. Legal
uncertainty with regard to liability risks can form a hurdle in the development of AIC technology, and
at the same time to the adoption and acceptance of autonomous vehicles by EU citizens.
A practical solution proposed by insurance companies and developers of AIC, is to employ certain
forms of tracing technology in autonomous vehicles. That technology will be used 1) to assist in
avoiding damage causing accidents, and 2) in assessing the exact causation of accidents. However,
such technology may have severe consequences for the information privacy of those people inside
and around AIC. Without properly addressing these questions, consumers’ trust in this technology
may not be encouraged. Furthermore, this could lead to liability of producers. A legal solution to the
indicated causation challenge could be that applicable liability frameworks are optimized on a
European level, in the sense that these will be enabled to address allocation of liability questions in
which autonomous intelligent technology is involved.
The question remains how the regulatory framework should be optimized, which a) provides
incentives rather than hurdles for innovation, which b) will stimulate the acceptance of AIC, thus
being beneficial to the economic goals of the EU, which at the same time c) takes into account the
core values of inter alia fair apportionment of risks, consumer protection and (other) fundamental
rights of EU citizens. That question is too complex to be answered in this paper. It would need more
extensive research to identify for instance on which level(s) regulation and enforcement should be
installed. An optimal mix should be sought in? top-down regulation (EU- in combination national
regulation) and alternative forms of inter alia soft-regulation in the form of self- and/or coregulation, industry norms and standards and (ethical) codes of conduct, in which all relevant
stakeholders are able to participate.
19