Law and Cyber Security in Smart Road Traffic


  • Sabrine Wennberg
  • Erik Zouave
  • Margarita Jaitner

Publish date: 2019-12-31

Report number: FOI-R--4811--SE

Pages: 99

Written in: Swedish


  • smart traffic
  • smart cars
  • intelligent transport systems
  • autonomous vehicles
  • automation


Autonomous vehicles are a trend that has gained momentum in recent years and is likely to have a major impact on our society. This trend presents new challenges for road traffic. The progressive automation of vehicles entails both increasing complexity, but also that technology will ultimately have a direct impact on human life and health. This, in turn, puts the issue of cyber security and its regulation into sharp focus. This study maps a number of legislation and regulations that are relevant to cyber security in connected, automated vehicles. The legislations were identified on the basis of previous investigations into legislation and regulation. The following areas were the main focus of the study: the civil law for robotics, data protection regulations, network and information security regulations (NIS), protective security regulations, proposals for cyber security act, regulations on intelligent transport systems and cooperative intelligent transport systems (ITS and C-ITS), product liability and motor vehicle type approvals, vehicle inspection regulations and insurance regulations. The cyber security regulation as a whole consists of fragmented and complex laws. Different legal regimes fulfil different purposes, with requirements addressed to varying actors and activities. While there are no harmonized security requirements between different regimes, some security measures are recurrent. These measures include reporting activities to competent authorities, assessing risks and taking security measures, as well as notifying of security incidents.