Today's cars include up to 100 electronic control units as
well as numerous sensor networks and assistance systems. While
these devices can improve the comfort and safety of the driver and
passengers, they also can collect and store a great deal of
information about the current driving pattern, geolocation, traffic
or even weather conditions. Some data collected this way can,
either by itself or in connection with other data, also be
considered personal data.
The importance and number of data-gathering instruments in
vehicles will most likely increase once autonomous vehicles hit the
road. So-called "connected cars" are even equipped with
wireless connectivity that allows real-time transmission of
information—even between the vehicles themselves.
Most of the current discussion on connected cars is based around
the health and safety benefits that such connectivity could offer.
For example, with regard to the European eCall Regulation (2015/758/EU), the European Commission states that "an
eCall-equipped car will save hundreds of lives in the EU every
year." This Regulation requires that from March 2018 all
new passenger cars and light vans will have to be equipped with
devices that automatically alert rescue services to car crash
However, a fundamental question has yet to be answered: whether
a piece of data can legally be owned and who would actually own
such data. Current EU as well as German data protection laws do not
contain provisions adequately addressing this question. Thus, it is
unclear whether and to what extent someone can exert legal rights
over a single piece or set of data elements. It is in particular
unclear whether the drivers, the owners or the manufacturers of
vehicles can be said to own the data generated by them. There are
some arguments to be made for either standpoint.
It should come as no surprise that many parties, including
insurance companies, are interested in car-generated data. In
response to a parliamentary question regarding the ownership of
car-generated data, the German government drew a distinction between
data for vehicle functions on the one hand and data for service
functions (e.g. infotainment) on the other hand. Only with regard
to the former would the car owner, in principle, have the genuine
power to dispose of such data ("tatsächliche
Verfügungsgewalt"). Without further regulation, the
question of ownership over, and the power to dispose of, such
(personal) data could become a controversial and confusing one.
Originally published February 10, 2016
Mayer Brown is a global legal services provider
comprising legal practices that are separate entities (the
"Mayer Brown Practices"). The Mayer Brown Practices are:
Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both
limited liability partnerships established in Illinois USA; Mayer
Brown International LLP, a limited liability partnership
incorporated in England and Wales (authorized and regulated by the
Solicitors Regulation Authority and registered in England and Wales
number OC 303359); Mayer Brown, a SELAS established in France;
Mayer Brown JSM, a Hong Kong partnership and its associated
entities in Asia; and Tauil & Chequer Advogados, a Brazilian
law partnership with which Mayer Brown is associated. "Mayer
Brown" and the Mayer Brown logo are the trademarks of the
Mayer Brown Practices in their respective
This Mayer Brown article provides information and comments
on legal issues and developments of interest. The foregoing is not
a comprehensive treatment of the subject matter covered and is not
intended to provide legal advice. Readers should seek specific
legal advice before taking any action with respect to the matters
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.
The market of the so-called "connected vehicles" has been considerably growing since 2015. According to a recent study by AlixPartners, 78 million of connected vehicles will be commercialized in 2018, generating a EUR40 billion turnover.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).