SafePASS Regulatory Ethical and GDPR Compliance Framework

This is a public deliverable of the EU funded (H2020) project SafePASS. The deliverable number is D7.2.

Executive Summary:

This deliverable reports on the first work conducted in the context of Task 7.2 (Regulatory, ethical and GDPR compliance framework). The scope of T7.2 is to produce a framework to support the SafePASS solutions in meeting their overall regulatory,
ethical and GDPR obligations.

The IMO regulatory framework for LSA and ship evacuation with its well-known gaps and restrictions has been carefully considered from the preparation stage of SafePASS project. One of the project’s main objectives is to support the ongoing work in IMO on an enhanced regulatory framework on ship evacuation. However, considering the plethora of new systems proposed in SafePASS, and the strict rules that govern ship design, operation, and maintenance, many issues concerning the integration of the new systems onboard may arise. 

In this context, D7.2 starts with a mapping of the relevant, to the project’s scope, specific SOLAS areas and identifies possible challenges and implications. Challenges identified due to the prescriptive nature of FSS Code and LSA Code, which do not
match with the SafePASS novel evacuation approach. This is further evidenced in Section 3 where the current compliance options in the context of the AD&A and the ship evacuation analysis frameworks are discussed.

The Safe Return to Port is another SOLAS area which will be challenged. This is because SRtP is relevant to the design, while the new systems proposed in SafePASS are also considering operational scenarios. This different approach may further evidence the
need for harmonization in the regulations, as well as an update of the current SRtP Explanatory Notes.

Possible integration difficulties for SafePASS components (including components of the smart environment) may arise from the safety management system as enforced by the ISM Code. Integration difficulties refer mainly to the reliability assessment options (i.e. redundancy, functional tests, maintenance routines and possible replacement) for the systems onboard, as required in the maintenance and emergency preparedness elements of the ISM Code. This Code has recently added requirements for cybersecurity management including measures such as network segregation and separation between OT and IT networks, that must be also considered. 

SafePASS could challenge STCW as well. The effective use of the SafePASS solutions may require additional competencies from crew members that should be compared with the current competencies listed in the STCW Code.

Integrating ethics in SafePASS project life cycle, as well as disclosing, embedding and organizing ethics in the design process have been formulated, and personal data protection regulation, as well as personal data management and privacy by design principles have been defined.

The second deliverable on the same topic (in month 36), will examine the SafePASS integrated system in order to identify explicit areas challenged in the maritime regulatory framework and support the recommendations to address these challenges that are going to be produced in WP9.