The objective of TIARA project’s Work Package 3 (WP3) Legal and Ethical Aspects was to review the legal and ethical ramifications for NRAs when making use of C-ITS data, and of how these change the role of the NRA.

The main objective of the first work phase for June 2024 Interim report was responsibility of the road authority to ensure that data is accurate, and the accountability when inaccurate datais sent.

The use methods were literature review, interviews, workshops, and collaboration with the other TIARA project’s work packages of security (WP2) and privacy (WP4), as well as CEDR Project Executive Board (PEB) and CEDR Data Call 2022 DROIDS and PRESORT projects collaboration in the workshop.

We use digital certification to assure the identity of people and devices, as well as the authenticity and secrecy of information. A Public Key Infrastructure (PKI) makes sure that the certificates can be trusted, and involves the set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. For cooperative intelligent transport systems (C-ITS), digital certificates can be used to establish trust between vehicles and traffic infrastructures. This again allows them to interact with each other, share data and make decisions in a safe and secure manner.

The work started with conduction of interviews with relevant stakeholders. We have carried out seven interviews which provided input from a total of ten informants, mainly from European road authorities and road operators, but also from private actors and the European Root CA provider.

Chapter 2 introduces the purpose and scope of the Trusted Integrity and Authenticity for Road Applications (TIARA) project, which seeks to enhance trust in Cooperative Intelligent Transport Systems (C-ITS) by addressing privacy and re-identification risks. The primary goal is to provide practical guidance on ensuring secure and privacy-preserving data infrastructures for road applications. As connected vehicles proliferate, the threat of unauthorszed data access and vehicle re-identification grows. This chapter establishes the framework for the subsequent research on mitigating these privacy risks, focusing on legal and technical perspectives, including trust models, encryption, and regulatory standards. It also provides an extensive list of terminology and nomenclature which is necessary to understand in order to correctly grasp the context of the remaining discussions.