The new General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 marking the biggest overhaul of data protection since the introduction of the current Data Protection Act (DPA) in 1998.
Seen as more of an evolution than a revolution, GDPR is effectively a more detailed and robust version of the current regulation, placing greater emphasis on the rights of individuals and imposing tougher penalties on those organisations who fall short of meeting their data protection obligations.
Those found to be in breach of the new rules could face fines of 2% of annual turnover or 4% of annual worldwide turnover for more severe infringements.
The GDPR applies to data processing carried out by organisations operating within the EU as well as organisations outside the EU that offer goods or services to individuals in the EU. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR so businesses should not let the prospect of Brexit delay preparations.
The British Vehicle Rental and Leasing Association (BVRLA) recently published findings from its Fleet Technology Survey, revealing that around half of BVRLA members and fleet managers felt ready for GDPR. 54% claimed that their company is clear about its responsibilities under GDPR and 52% claimed that their company has a clear strategy regarding its collection and use of driver and vehicle data.
The Information Commissioner’s Office (ICO) understands the importance of having an internationally consistent approach to data protection regulation, stating: “With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations, and to individuals.”
Any changes made to business processes to ensure compliance will not be made in vain as any UK version of the regulation introduced post-Brexit is likely to be aligned to GDPR.
The BVRLA offer some advice on the changes that GDPR brings:
Some key differences
Under GDPR, there will be more emphasis on the rights of individuals both in terms of consent and access to their own data. Should an individual ever make a claim, the burden of proof will fall to the organisation so it will be essential for fleet operators to keep audit trails to evidence that specific and unambiguous consent was freely given. This should be in the form of a statement or an affirmative action. It will no longer be acceptable to gain consent via passive ‘pre-ticked’ boxes and inaction.
Another area of change is that the new rules place emphasis on shared responsibility, making everybody who handles and processes data liable, not just data controllers. Everybody in the supply chain will need to understand their obligations to ensure compliance and this is going to require a change in mindset as people across the industry have different views on who they think is liable for data. This was reflected in the BVRLA’s study which shows that 36% of members and 41% of fleet managers agreed that everybody had responsibility for data protection. The rest placed the responsibility at the door of either the lease company, manufacturer or fleet manager. There is clearly a big job to do to ensure compliance across the industry.
Data security
As the automotive industry continues to transition from a sector driven by mechanics to one driven by electronics and software, the issue of data and cyber security will become an increasing concern.
As connected and autonomous vehicles become more prevalent on our roads, it will be crucial for manufacturers to consider security requirements in the vehicle’s design and it will be equally as important to protect our infrastructure.
The main cyber security threats to connected and automotive vehicles include loss of control, loss of data, leaking or sharing of data, denial of service or malicious manipulation of software, network outage or disruption of power supply and even interception or hijackings. All of which would be disastrous.
The BVRLA welcomed government’s recent publication of a set of principles to ensure that a tougher approach is taken to cyber security throughout the automotive industry.
Keaney said: “It is potentially an area of huge vulnerability if businesses do not take steps to be properly protected so there is likely to be an increase in the employment of tech-savvy cyber security professionals to embed government’s recommended cyber security principles right across the automotive industry. Data protection is crucial not only for individuals and organisations, but also for the industry and the wider UK economy.”
Data access and ownership
As part of the BVRLA’s Fleet Technology Survey, the association explored views from drivers with regards to data and connected vehicles, and the message was clear. When it comes to sharing data about themselves such as how they drive or where they drive, there is little appetite to give consent. However, the picture is very different when it comes to sharing diagnostic data to help with early diagnosis of faults or to help flag warranty or safety issues. 95% were happy to share data if it helped to diagnose or prevent faults, 93% were happy if it enabled the automatic alerting of a breakdown company and 82% were happy if it helped to identify safety and warranty issues.
Around seventy percent of BVRLA members and fleet managers believe that vehicle manufacturers have an obligation to provide vehicle data, with 86% saying that they should not have to pay for it.
Seventy-nine percent of respondents said they were concerned that vehicle manufacturers would restrict access to telematics data to further their own business goals. Eighty-nine percent of them believe that manufacturers should allow them to install third party telematics devices, provided that they meet agreed security standards.
BVRLA Chief Executive, Gerry Keaney said: “Connected vehicle data is rapidly becoming the new currency of the fleet sector and will drive many business models in future.
“Our responsibility is clear. The BVRLA will play a lead role in helping the fleet sector work with government and the wider automotive supply chain to ensure that all parties share data in an open, secure and fair way. By doing this, we can make sure that businesses and consumers continue to enjoy a competitive choice of suppliers for fleet management, aftermarket and mobility services.”
Author: BVRLA https://www.bvrla.co.uk/
The new General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 marking the biggest overhaul of data protection since the introduction of the current Data Protection Act (DPA) in 1998. Seen as more of an evolution than a revolution, GDPR is effectively a more detailed and robust version of the current regulation, … Continued
Airbags. Yeah, yeah, fifteen of them, thanks. ABS brakes. Yup, standard since 2004. Anti-skid electronic stability control – sure thing, yes, got that as well. So? Why are you asking? Perhaps because we’re beginning to take safety a little too much for granted. For all those great strides in safety, such as standard ABS, there … Continued
The Frankfurt Motor Show is always a massive excuse by the German car makers to show off their latest products. The new Audi RS4 Avant is one (oh, yes please). The Mercedes-AMG Project ONE another (I’d happily wait for that). And the 600bhp BMW M5 (reckon I could tuck that away in my garage, too). … Continued
I am a great lover of new technology. I’m not always brilliant at operating it, I’ll be the first to admit, but technology has such potential to improve our lives and the society we live in. It can also dominate our lives in unfortunate ways if used incorrectly – or fail to provide the expected … Continued
One of the advantages of our lofty office at our Skypark HQ is the view. When it isn’t raining of course. Recently I’ve been looking out trying to envisage this: what will the fleet of the future look like? In 2027 – that’s only 10 years away – will we all be moving silently around … Continued
OK, OK, I know this sounds a bit, well, sci-fi. But hold on a second. Recently I was at a Frost & Sullivan conference on Intelligent Mobility. It was a fascinating snapshot of the vast array of connected technologies and autonomous driving technology that will be coming our way. But, let’s be honest, the one … Continued
There are many difficult decisions facing managers of company car fleets. And one of the key issues is this: what is the right fuel choice for my fleet? Diesel has been (past tense) the fuel of choice for company cars for a variety of reasons: it’s fuel efficient, and therefore cost effective; it’s also advantageous … Continued
So the combustion engine will be consigned to history in 2040 that much we know (see my previous blog: You’re fired – petrol and diesel engines get the bullet). While we have been keen green backers as a progressive option for fleet for some considerable time, petrol and particularly diesel vehicles still have their place in … Continued
Mairi tells us about her experiences as a volunteer in Malawi and how Celtic FC Foundation and Mary’s Meals are helping towards a better future for the children of our third world. Describe a typical day for you in Malawi? We would leave our accommodation at 7.30am every morning to travel to the under six … Continued
You can almost see Lord Sugar pointing his finger at the quivering offenders – in this case not a wannabe but the very internal combustion engines that have powered company car fleets for years. But in a dramatic statement today, the Government has announced that the sale of new petrol and diesel engined cars will … Continued