Publication
Road to COP29: Our insights
The 28th Conference of the Parties on Climate Change (COP28) took place on November 30 - December 12 in Dubai.
Australia | Publication | oktober 2024
In the 2020s, modern vehicles are becoming less about machinery and more about software. An integral part of this software revolution is the generation and communication of ever larger volumes of data. Such data flows will ultimately enable the realisation of fully autonomous driving in the 2030s and we are already seeing the rapid development of the legal framework to enable this.
Today, we live in the era of ‘connected’ vehicles, rather than autonomous vehicles. Connected vehicles deliver many important benefits to drivers, ranging from providing important safety features, vehicle health and maintenance information, and infotainment. Connected vehicles are becoming increasingly technologically advanced and connected to the world around us by utilising an embedded SIM and antenna within the vehicle. Over the coming years, new models of connectivity will continue to evolve providing greater scope for automotive innovation.
Against this dynamic landscape, Governments around the world are considering how connected vehicles should best be regulated. In many jurisdictions, including Australia, the pace of innovation is running well ahead of the regulatory framework, creating legal risk as well as the need for regulatory reform. In this article, we consider the scope of telecommunication and cybersecurity laws applicable to connected vehicles and some legal reforms on the horizon.
Modern Australian telecommunications regulation dates from 1997 and seeks to promote the long-term interests of Australian consumers, as well as the efficiency and competitiveness of the Australian telecommunications sector. To achieve this, the regulatory framework creates three primary categories of regulated entity:
Where vehicle manufacturers acquire a telecommunications service at wholesale from a carrier and then supply connectivity to consumers in a direct contractual relationship (whether bundled with other automotive services or not), such vehicle manufacturers are likely to trigger the statutory definition of a CSP. If the vehicle manufacturer is arranging the sale of connectivity on behalf of a third party, they may also trigger the statutory definition of a ‘carriage service intermediatory’ (CSI) with consequences similar to that of a CSP.
As such, to the extent that vehicle manufacturers become retailers of telecoms connectivity to deliver advanced automotive services, they are likely to trigger Australian telecommunications regulation.
There are various regulatory obligations that could apply to vehicle manufacturers that supply connectivity for connected vehicles to consumers, depending on the type of business model adopted. An overview of some of the key categories of regulation is provided below.
Regulatory category |
Regulatory obligation |
Consumer Protection |
Manufacturers may be subject to bespoke telecommunication consumer protection obligations, in addition to those contained in the Australian Consumer Law. The Telecommunications Consumer Protections Code (TCP Code) is a binding code enforceable by the ACMA which sets out a range of consumer law obligations. CSPs could also be required to join the Telecommunications Industry Ombudsman (TIO) scheme. The scheme provides for the TIO to investigate consumer complaints and make determinations. |
Cybersecurity |
Vehicle manufacturers could be subject to additional cybersecurity regulatory obligations, such as the requirement to ‘do their best’ to prevent telecommunication networks and facilities from being used in or in relation to the commission of offences. Australia is also in the process of enacting new cybersecurity legislation that could have potential application to certain aspects of connected vehicles. We expect a new Cyber Security Act to be enacted this year. |
Lawful Interception and Data Retention |
CSPs must retain certain information and documents so that they can be accessed by law enforcement agencies and for national security purposes. |
Privacy |
Given the large volume of data that connected vehicles generate, privacy law considerations are becoming more important. Significant media has already been generated in the United States regarding the extent to which consumer data is collected by vehicles and conveyed to third parties. |
As the Federal Government seeks to ensure that the regulatory framework keeps pace with rapidly changing automotive technologies, we expect to see progressive reforms that seek to facilitate the next generations of connected and autonomous vehicles. This is already occurring today:
The Australian regulatory framework is changing in real time in an attempt to keep pace with rapid innovation in the automotive sector. We expect significant reforms over the next 12 months and such reforms are likely to continue as we move from the world of connected cars in the 2020s into the world of autonomous vehicles in the 2030s. Such reforms do create risk and it will be important to ensure that new technologies continue to remain legally compliant as we drive towards the future.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023