24 October 2018
  • The FLOURISH consortium has published recommendations on how passengers’ data should be utilised and protected by Connected and Autonomous Vehicles (CAVs).
  • The report highlights that trust is key, with 94% of consumers claiming they would need to trust a company before sharing their personal data, valued at a combined £32 billion.
  • Recommendations are provided for cyber security, as 36% are nervous about cyber-attacks on driverless cars.

As members of the FLOURISH consortium, the companies have urged government and industry stakeholders to create a ‘data map’1 to clarify who will need access to passengers’ data, what this data will consist of, and when it will be used.

The map will increase consumer trust and provide clarity into what personal information passengers will be sharing when using CAVs. Trust is a key talking point of the report, highlighting how 94% of consumers need to trust a company in order to share personal data with them.

The report also investigates the issue of cybersecurity and suggests measures to protect both CAVs and their passengers. It notes that ‘lifetime system security is a key consideration for the CAV ecosystem’, as 36% are nervous about cyber-attacks on driverless cars.

What is personal data worth?

It is estimated that by 2025 the value of data to the driverless market will be £32 billion per year. To understand this further, AXA commissioned research2 into how consumers value their personal data. The results show the average person believes their basic data (name, age, address) is worth £119, while data regarding where they travel to, from and how often is worth £120.

Type of data
Perceived average worth in £s
Telematics data
(driving performance in varying conditions)
Basic personal data
(name, age, address etc.)
Trip data
(locations travelled to and from and how often)
Special data
(religion, ethnicity, place of birth etc.)
Medical data
(GP notes, medical conditions etc.)

David Williams, Technical Director at AXA UK, says: “CAVs will only become a reality if users trust us with their personal data. This data is integral for driverless vehicles to provide reduced congestion, fewer accidents and better mobility for all. This report shows how the government, car manufacturers, software developers and insurers need to work together to understand how, and when, motorists’ data should be used.”

Burges Salmon's head of transport, Chris Jackson, says: “The FLOURISH Year 2 report has set the groundwork for both the conversations and the actions that need to take place surrounding personal data. Without this data, CAVs will no longer become a reality, so it is imperative we get this right. What’s more, it highlights the importance of security measures required to protect this data in a world where cyber-threats are constantly changing.”

The report raises the question of who should be the ‘data controller’ (i.e. the person or body legally in charge of data) of the information gathered by CAVs. According to AXA’s research, 20% feel that this should be the government, while 16% think a new driverless car regulatory body should be created. Only 5% said the manufacturer of the vehicle should be the data controller.

However, when asked who the data controller should be allowed to share this information with, two thirds said the emergency services, 45% said insurers and 41% said breakdown services. In fact, almost 70% of people said they would share their data if it improved road safety.

Read the FLOURISH Insurance and Legal Report 2018 in full.

AXA and Burges Salmon are members of the FLOURISH consortium, alongside partners from large and small businesses, academia, the not-for-profit sector and local authorities.

Key contact

Chris Jackson

Chris Jackson Partner

  • Infrastructure
  • Procurement and State Aid
  • Transport

Subscribe to news and insight

Burges Salmon careers

We work hard to make sure Burges Salmon is a great place to work.
Find out more