Every morning, your favorite radio station plays, the navigation system knows all your destinations, especially your home address, and your phone, synchronized with your car, is full of contacts. Modern cars are “rolling computers” that tirelessly collect data about their occupants during almost every activity. The motor vehicle has long since ceased to be a largely analogue means of transport with a combustion engine cars as “rolling” computers.
Data collect and stor includes, for example, engine speed, spe, mileage, turn signal activation, braking behavior, traffic data, when a car is locked and unlock, and the driver’s seating position. This data allows numerous conclusions to be drawn about the driver and their driving behavior. Sensors can record height and weight.
Vehicle data as personal data? cars as “rolling” computers
At first glance, the data mentioned appears to be purely technical (vehicle) data. However, due to today’s interconnectedness and the immense volumes of data, there is hardly any technical data without a personal reference. According to Art. 4 No. 1 GDPR, ” personal data ” is all information relating to an identified or identifiable natural person.
When assessing whether vehicle data can be consider personal data, germany business fax list the key factor for data with a purely technical appearance is whether it is possible to identify the person. For this purpose, it is sufficient that various pieces of information can be combined cumulatively and thus assign to a natural person. By linking sensor data with other data sources, a personal identification can usually be establish. In particular, a personal reference exists if the vehicle data can be link to the vehicle identification number or the license plate number. This is generally the case.
Is legislation lagging behind technology?
In theory, this data, which qualifies as personal data, falls under the protection of the GDPR. In practice, however, the problem arises that buyers of modern cars often have difficulty or are unable to determine what data is being collect . What it is being used for. As a result, how marketers are reacting to coronavirus and their tips it is also impossible. Provide informed consent as a legal basis for data processing.
For example, Tesla’s “Customer Privacy Policy” contains an eight-line text under the heading “What Information We Collect. Stating that Tesla uses “three main types of information”: “from and about you or your devices.” “From or about your Tesla vehicle,” and “from or about your Tesla Energy Products.” All “additional information” requires a further click to access. The categories “We may use your information for these purposes,” “Sharing your information,” and “Choice and Transparency” are also extremely brief and require a further click for further information. This makes it impossible for the data subject to determine whether they have a complete overview of all regulations.
New guidelines to protect against hacker attacks
Connected vehicles not only diligently collect data, albania business directory but are also particularly. Vulnerable to hacker attacks due to their numerous interfaces. Drivers can hardly protect themselves against this and must trust that manufacturers have well secured their vehicles and backend systems. Against this background, the EU directives UNECE Regulation R155 (Cybersecurity Management System) and R156 (Software Update and Software Update Management System) , which have been in force for new type approvals since July 2022, are to be welcomed.