Between cybersecurity and competition: a German perspective on developments in the automotive industry
Published on 13th Apr 2023
The automotive world is changing. Cybersecurity threats require appropriate responses from vehicle manufacturers.
In their expert article for RAW (March 2023), Elisabeth Macher and Paul Schmitz (together with attorney Dr. Frank-Bernd Weigand, A.T.U General Counsel) draw the following conclusion:
„At the same time, competition in the automotive aftermarket needs to be protected. Effective competition thrives on unrestricted access to the vehicle; this necessarily includes access to the vehicle data stream via the OBD port. However, this tension between vehicle security and effective
competition is not one that the vehicle manufacturer needs to resolve; it has already been considered by the legislator and regulated accordingly. Protecting the vehicle from cybersecurity
attacks is legitimate and important. But it must not lead to restrictions on access to the vehicle by independent workshops. In practice, this means that cybersecurity measures can and must be implemented via the technical design of the vehicle so that, for example, it is not possible to execute malicious commands while the vehicle is in motion. Restricting access to the OBD port altogether, on the other hand, is not a legitimate option. The legislator’s intention was precisely to prevent the manufacturer from controlling who can compete with it or its affiliated workshops on the aftermarket
by determining access conditions. The conditions for access have, therefore, been conclusively determined by the legislator itself.“
You can find the complete article here.