Fleet decision-makers face an uphill battle to lawfully manage data generated by connected vehicles for legitimate business use as well as winning the confidence of drivers, according to a legal expert.

Marc Dautlich, head of information law and partner in the technology, media and telecoms team at international law firm Pinsent Masons, believes fleets will have to tread extremely carefully.

He told Fleet News: “Employers must find a lawful basis to use information and data generated from connected vehicles on their fleets.

“That is either with the consent of individual employees or they must establish a legitimate reason to use the data without it intruding so far into employees’ privacy as to be unacceptable.”

Legal issues stem from data protection and employment law, as well as article eight of the European Convention on Human Rights, under which an individual has a right to ‘respect for one’s private and family life, home and correspondence’.

A fleet technology report by the British Vehicle Rental and Leasing Association (BVRLA) recognises that connected vehicles, more integrated smartphone systems and autonomous safety technology will have a huge impact on the way fleets choose, operate and manage their cars and vans.

Additionally, it says: “This information will come in an incredible volume, variety and velocity, and it will need to be stored, processed and analysed in the right context.”

Dautlich said: “Employers must decide what information and data emanating from those devices they need to use and what they don’t.

“Where employers consider that they have a legitimate reason for use, they must establish data rule sets and explain them to employees.”

Key considerations for employers should be what information and data is important for them to access, why it is important and how it is going to be used.

“Information sourced from connected vehicles that had a business element must be balanced against employees’ privacy,” said Dautlich.

“Employers need to distinguish what data they are talking about and should tell employees that they are going to be monitored and the reasons for doing so.”

For example, recording and acting on information relating to journeys to validate mileage expense claims is acceptable.

However, monitoring company car movements when an employer was aware that a member of staff had booked two weeks’ holiday with their family could be considered an invasion of privacy.

Employers will have to decide from the information and data streams accessible what they did and did not require to effectively and efficiently manage the fleet operation, what data would be immediately destroyed and how long what was required would be retained in company records.

They would also need to explain to employees that some information may be accessible to the employer only in the event of an emergency.

Owners of fleet vehicles – end-user fleets, contract hire and leasing and rental companies – will need to forge stronger ties with providers of smartphone-type technologies that are new on the automotive scene.

Dautlich said: “Employees need to understand what the data streams are being used for.

“Some will not care and others will want to know why their employer needs to know their location at a given time on a particular day.

“Employees are entitled to a level of privacy and unless it is very clear to them what sort of information is being recorded and why, employers will find themselves in breach of data protection supported by human rights law.”

The BVRLA report said: “Drivers’ privacy concerns are two-fold – the security of their data against the outside world, which is where anti-hacking measures are vital, and the use of driver data within the organisation.

“Fleets wanting to use driver data need to get their support and consider a wealth of legal issues, such as employee contracts, data protection and even human rights legislation.

“In reality, the increasing proliferation of third-party apps aimed at drivers and fleet managers will mean that all stakeholders will have to relinquish some control over their data.”