Odia Kagan of Fox Rothschild writes:
U.S Rep. Bob Latta (R-Ohio), ranking member of the House Energy and Commerce Subcommittee on Communications and Technology. has re-introduced the “Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution Act’’ or the ‘‘SELF DRIVE Act’’ to regulate autonomous vehicles. Key provisions relating to data protection include:
Cybersecurity Plan
Vehicle manufacturers are required to develop a cybersecurity plan that includes:
-
A written cybersecurity policy with respect to the practices of the manufacturer for detecting and responding to cyberattacks, unauthorized intrusions and false and spurious messages or vehicle control commands including:
-
A process for identifying, assessing, and mitigating reasonably foreseeable vulnerabilities from cyber attacks or unauthorized intrusions, including false and spurious messages and malicious vehicle control commands
-
A process for taking preventive and corrective action to mitigate against vulnerabilities in a highly automated vehicle or a vehicle that performs partial driving automation, including incident response plans, intrusion detection and prevention systems that safeguard key controls, systems and procedures through testing or monitoring, and updates to such process based on changed circumstances.
-
Read more on Fox Rothschild.