A one-way street
> driverless vehicle software updates would take place "over the air" and explained that "several BVRLA members have indicated they will not accept [this] as this means that sensitive customer, driver and/or vehicle data could be accessed by the manufacturer
This sounds to me like a rather desperate attempt at misinformation. There is no reason why a software update that is pushed to a vehicle (or PC or phone) would have the need or means to collect any information and pass it back. The payload can be delivered, validated by the vehicle (or PC blah blah) and installed. There is no need for data to travel in the other direction, once the vehicle's unique identifier has been received by the software dispatcher.
A further "safeguard" might be to have the updates handled by a third party. One that is obligated to NOT send any information back to the manufacturer.