House Passes Self-Driving Car Bill, IoT Component Manufacturers Expect Booming Business

Components of the Internet of Things will be an important part of the safety, cybersecurity and privacy aspects of the SELF-DRIVE Act and related legislation.
By Ronald E. Quirk

The bill also mandates that within one year after passage, the SoT must submit a rulemaking and "safety priority plan" detailing NHTSA's safety priorities to both houses of Congress and the public. In addition to the safety priorities, the plan and rulemaking will contain information about objectives for additional performance standards of testing self-driving cars. IoT equipment standards will likely be updated as safety and performance standards of human-machine interface, sensors, actuators and software will be evaluated.

The subject rulemaking proceeding must be initiated 18 months after passage of the bill. The safety priority plan will be updated every two years, or more frequently as determined by the SoT.

Cybersecurity
The bill requires that all self-driving auto manufacturers develop a written cybersecurity policy that details the manufacturer's practices for detecting and responding to cyberattacks. The policy must include:

• a process for identifying, assessing and mitigating reasonably foreseeable vulnerabilities from cyberattacks and unauthorized intrusions
• a process for taking preventative and corrective actions against vulnerabilities, including response plans, intrusion detection and prevention systems
• identification of a cybersecurity officer and point of contact for cybersecurity matters
• a process for limiting access to automated driving systems
• a process for employee training and supervision for implementation and maintenance of the company's cybersecurity policy

Privacy
The SELF-DRIVE Act also requires self-driving auto manufacturers to develop a written privacy plan to protect sensitive information about owners, operators and occupants of self-driving cars. This privacy plan requires manufacturers to delineate the following:

• practices concerning how pertinent information is collected, used, stored and shared
• choices offered to vehicle owners, operators and occupants concerning the collection, use, storage and sharing of their information
• data minimization, de-identification and retention of information about the owners, occupants and operators of their cars
• methods for providing notice to affected parties about the company's privacy policy

JOIN THE CONVERSATION ON TWITTER
Loading
ASK THE EXPERTS
Simply enter a question for our experts.
Sign up for the RFID Journal Newsletter
We will never sell or share your information
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations