PRIVACY AND PERSONAL DATA PROTECTION IN SELF-DRIVING CAR: SUGGESTION FOR LEGAL REGULATION IN SERBIA

Abstract

This paper deals with legal regulation in the field of the self-driving car (SDC), an autonomous vehicle without a human driver. A survey carried out in Serbia on the acceptability of this vehicle in everyday life indicated the distrust of the population in driving with SDCs due to concerns of violation the privacy, distrust in the protection of personal data and insufficient security and cyber security. For proper functioning and especially for artificial intelligence (AI) decision-making the SDC needs a large set of data, including personal information. In this paper the legal framework for collecting, storing, processing and erasing of personal data for SDCs is developed. Most of regulation are new, due to the technical novelty of the SDC, which uncouples the driver and the vehicle are in the driving process. In the paper, documents and acts which protect privacy according to the EUs General Data Protection Regulation (GDPR) are suggested. Principles for data security and, especially, for cybersecurity of data are legally regulated and proposed to be incorporated into the future law of transportation. The suggested legal regulation would increase the trust of population in the SDC.