Automated vehicle technology is likely to produce and retain data about vehicle behavior and vehicle occupants. Some of that data will sit only in-vehicle. However, some will be shared with and supplemented by information shared through Co-operative Intelligent Transport Systems (C-ITS) that allow vehicles to communicate directly with other vehicles and infrastructure, such as traffic signals. The prospect of this data creation, storage and sharing becomes increasingly significant when it is appreciated that AVs are one of many consumer devices likely to utilise biometric measurement and analysis.
Building on the fundamental analysis set out in chapter II to this report, this chapter will explore some of the biometric issues that are particular to the Australian AV context.
First, we will examine the steps that federal and state governments are taking to ensure they safeguard personal data obtained from an automated vehicle directly or otherwise through management of a C-ITS. Second, we will briefly examine intellectual property issues arising from biometric information. Finally, we will consider how biometric based technology has the capacity to improve safety and the role it may play in the liability regime likely to apply to AVs.
The reader should take two ideas from this chapter:
- The Australian government is well-positioned in respect of laws to protect the privacy of personalized biometric data collected through the AV networks by the time the networks go live. Attention should be focussed on the rules for information sharing between federal and state governments, and between government agencies of either state or federal government.
- Biometric analysis in AVs will tend to make harmful driving less prevalent, in particular in the heavy vehicle context.
A. Regulatory update
In August 2019, Australia’s Transport and Infrastructure Council will consider recommendations from the National Transport Commission to address privacy challenges arising from C-ITS and AV technology. The National Transport Commission’s preferred option is to agree on broad principles on limiting government collection, use and disclosure of C-ITS information.
Also in August 2019, consultation will close on the consultation Regulation Impact Statement released by the National Transport Commission in July 2019. That document examines the roles of different parties in the safety of automated vehicles after market entry (in-service) and any additional duties which should apply to them. It also examines the institutional and regulatory arrangements to support any additional duties. Relevant to this chapter, it can be expected that duties in relation to data security will be imposed on in-service parties.
This recent work builds on a broader reform program undertaken by the National Transport Commission and other stakeholders which aims to develop end-to-end regulation to support the safe, commercial deployment and operation of fully automated vehicles. Other streams completed or ongoing relate to review of insurance schemes; development of enforcement guidelines; and safety criteria for first supply of AVs.
B. Government collection of data
Data will be the linchpin regulatory issue arising from the expected spread of biometrics in AVs. In participating in C-ITS, government and its agencies will become the custodians of new kinds of data, and will need to develop systems for its responsible use and custody. The capture of biometric data will present unique privacy and security challenges. Government also may see utility in getting access to AV data that is not ordinarily shared through a C-ITS framework.
The current law in Australia imposes privacy safeguards by stipulating processes for how state and federal governments must deal with information that meets the definition of “personal information” and, in some jurisdictions, “sensitive information.” At the federal level, for example, the Privacy Act 1988 (Cth) governs the treatment of “personal information” by private and Commonwealth public sector entities. Various pieces of legislation also apply at a state and territory level, primarily regulating the use of “personal information” and/or “sensitive information” by state and territory agencies. Where the distinction between “personal information” and “sensitive information” exists, the latter is generally treated as a special subset of “personal information” to which more stringent protections apply. The National Transport Commission, in its discussion paper on regulating government access to C-ITS and AV data, has identified that most of the information generated in the C-ITS will be “personal information.”1 Some of this information, like the biometric information used to gain access to the vehicle (equivalent to fingerprint access to a mobile phone) would also be classified as “sensitive information” (at least in the Commonwealth jurisdiction), being “biometric information that is to be used for the purpose of automated biometric verification or biometric identification.”2
In previous editions of this white paper we have canvassed the privacy law issues associated with data meeting the definitions of “personal information” or, in some jurisdictions, “sensitive information.” At the federal level, for example, “sensitive information” can generally only be collected with the express consent of the relevant individual unless certain exceptions apply, key among these being where Australian law requires or authorizes such collection.3
It is therefore relevant to consider the types of biometric data the National Transport Commission has identified will be collected in the C-ITS as a potential indicator of future directions in law reform. We extract the Commission’s views on what we consider to be the most important: biometric characteristics of the actual driver:
- “Automated vehicles are likely to rely upon inward-facing cameras to monitor human driver alertness and behavior.”4
- “Whole-of-cabin vehicle recordings could detect whether it is safe for the ADS to hand back control to a human (if manual vehicle controls exist).”5
- “Biological or health sensors can be used to monitor facial temperature, heart rate, breathing rate and glucose and biometric sensors could be used to recognize drivers and occupants to customize the driving experience… Automated vehicles may rely on these sensors to monitor driver alertness and behavior, including whether a human driver is losing attention or getting stressed. This could assist with determining whether the human driver is ready to take back control of the vehicle. However, they could also collect sensitive health and wellness information about users of automated vehicles (for example, emerging health issues such as a heart attack), including the driver and other occupants.”6
Taken collectively, it is plausible that the entire interior of an AV and sounds from within it will be recorded, with the government having access to this data. The National Transport Commission has said that information generated by C-ITS could be collected and used by government to assist in:
- law enforcement;
- traffic management and road safety; and
- infrastructure and network programming.7
These are the societal goods that will need to be weighed against the intrusion on individual privacy. For example, in its submission in response to the National Transport Commission report, the Australian privacy regulator (the Office of the Australian Information Commissioner) has emphasized the importance of individual consent to the collection of “sensitive information,” and noted that, in circumstances where it is not appropriate to obtain consent, increased “oversight, accountability and transparency” should be required.8 Whatever the merits of this debate, what is clear is that the move towards AVs will actually decrease vehicle autonomy. In the 20th century, the car was a symbol of individuality. Nevertheless, a truly integrated system of AVs would actually operate a lot more like a series of private train carriages, by virtue of the interconnectedness that will be needed to enable them to share the roads safely. It is perhaps appropriate that an individual’s expectations of privacy within them should shift accordingly.
C. Intellectual property
The biometric technology likely to be integrated into the operation of an AV is a small part of a complex set of inter-related and inter-dependent technologies. Applicants have been filing and obtaining patents relating to biometric-dependent technologies for decades in Australia. The biometric aspect of AVs is therefore unlikely to require changes to Australian intellectual property. In the past several years, biometric technology has proved patentable in the context of other Australian industries.9 There is little to suggest that biometrics in the particular context of AVs will be different.
(ii) Ownership of information and data collected by automated vehicles.
As canvassed in our last white paper, a big question which arises from the use of AV is “who owns all this data that will be generated?”
As noted above, Australian law does not recognise data, or mere information, itself as a type of property that can be owned, or bought and sold, but rather it is the confidentiality of that data that may be protected. Each case is to be assessed on its own circumstances, but if the person collecting the data guards its security and prevents it from reaching the public domain, it may have the necessary quality of confidence to qualify as confidential information. This is likely to be the vehicle manufacturer, for example, if the data is collected by on-board computers and securely transmitted back to the manufacturer for aggregating and analysis. This will depend on the steps taken to collect and protect the information and the degree to which the information is not already publicly available. In practice, the person who controls the confidentiality of the information will enjoy the commercial advantage.
In other fields such as financial services and internet and telephone service providers, this has led to calls by consumers to access “their own” information. This may also become an issue for vehicle occupants or owners who find “their” information being collected by the manufacturer or vehicle operator, as discussed in the previous chapter.
The matters covered in this chapter are just some of the intellectual property issues raised by AVs and the integration of biometrics into those vehicles. Other issues not covered include the prospect of design registration under the Designs Act 2003 (Cth) for new components as well as the obstacles to copyright given the thresholds for that protection to be invoked.
D. Eliminating driver fault
It is likely that the biometric technology utilized in AVs will shift the way our legal liability regimes are structured. The former Urban Infrastructure Minister Paul Fletcher has said that “Today, a lot of our liability regimes are premised on liability sitting with the driver, but in a world where the vehicle is completely in control, it doesn’t make sense to attach liability to the passengers.”10 This is likely to have an impact in both the civil and criminal liability realm. Previous chapters of this white paper have examined the liability implications of AVs.
In particular, we have discussed that Australia’s well developed product liability law as supplemented by the imposition on certain parties (for example manufacturers) of a primary safety duty to ensure the safety of AVs can be expected to respond effectively to the introduction of this technology.
Until the transition to fully autonomous vehicle is complete, the Australian context biometrics may have a hand in improving the way in which we manage driver fatigue, particularly in the heavy vehicle industry.
Two features of modern Australia are highly relevant to the particular development of our AV scheme: mining and distance. A by-product of Australia’s strong mining industry is that Australia is, as has been noted by the chief scientist, Dr Alan Finkel, “the global leader in autonomous trucks.”11 The distance between cities and regional centers also creates huge demand for long-haul freight drivers, which carries with it corresponding problems of driver fatigue.
In Australia, the current law (the Heavy Vehicle National Law, which operates in the ACT, NSW, Queensland, South Australia, Tasmania and Victoria) prescribes a minimum number of continuous hours that heavy vehicle drivers must rest in given periods of time (for instance, 7 hours continuous rest in a 24-hour period), and a maximum number of hours that can be worked in a given period (for instance, no more than 14 hours worked in a 24-hour period). Contravention can lead to fines for the driver as well as other parties in the chain of responsibility, like the employer or scheduler. This system places the burden of fatigue management squarely on the driver and the companies or individuals that have sent the driver out onto the road.
When vehicles are fully autonomous, these fatigue laws will of course be obsolete. In the intervening period between full autonomy and the present, there is a role to be played in biometric technology that can detect the fatigue levels of the driver.
This technology will allow for the measurement of actual fatigue, whereas the hours-based system under the current law effectively acts as a proxy for fatigue, because when that law was created we lacked the technology to measure the fatigue of individual drivers. The technology, if rolled out systematically, could have the potential to capture the problem of driver fatigue in a far more precise way, and prevent the road accidents it causes. At that point it may be that we find ourselves to have outgrown the hours-based system.