Connected Vehicles

Whether fueled by gas, electricity or an alternative energy source, all connected or autonomous vehicles require large quantities of data to operate — information that must be safeguarded.

Odia Kagan tracks rapidly evolving issues at the intersection of transportation and data security to advise automotive industry clients on how to keep their data secure and comply with domestic and international data privacy laws and regulations. A thought leader in this emerging field, Odia is a frequent author and presenter on data protection for vehicles employing autonomous and computer-aided navigation.

Article: Can Location Data Truly Be Anonymized? New Research Says No

New research, detailed in an article distributed by the International Association of Privacy Professionals, suggests location data is vulnerable to reidentification, even in a very large dataset.

Article: EU: EDPB Issues Guidelines on Connected Vehicles

The European Data Protection Board has issued final guidelines for the processing of personal data related to autonomous vehicles.

Article: Federal Cyber Shield Act Aims to Protect Connected Devices

U.S. lawmakers have reintroduced legislation to protect connected devices.

Article: California Law Would Govern Use of In-Vehicle Cameras

The California Senate Judiciary Committee has approved a bill regarding consumer choice related to the installation and use of in-vehicle cameras.

Alert: Israeli Justice Ministry Lays Out Key Questions on Regulation of Autonomous Vehicles

Israel's Ministry of Justice has issued a call for public comments regarding the regulation of autonomous vehicles, with a focus on the tort and insurance aspects.

Article: French Data Protection Authority Sets Guidelines for Use of Drones by Law Enforcement

France’s CNIL, the Commission Nationale de l’Informatique et des Libertés, has opined on the “Global Security law” and use of drones by law enforcement.

Article: Groups Outline Cybersecurity Risks for AI in Autonomous Vehicles

The European Union Agency for Cybersecurity (ENISA) and the Joint Research Centre of the European Commission (JRC) have issued a joint guidance on “Cybersecurity Challenges in the Update of Artificial Intelligence in Autonomous Driving.

Article: German Federal Government Advances Effort to Govern Autonomous Vehicles

German Federal Transport Minister Andreas Scheuer predicts the new rules will make Germany "a world leader in autonomous driving."

Article: Blurred Images Collected by Autonomous Vehicles Can Be Personal Data Under GDPR

Automated vehicle manufacturers beware: Blurred images can still be personal data under the European Union’s General Data Protection Regulation (GDPR), says French Data Protection Authority CNIL in a statement on the use of drones by French police.

Article: European Parliament Addresses Smart Mobility Apps, Data Privacy and C-ITS

The European Parliament issued a detailed study on the impact of smart mobility applications on the future of transport and addressed some data protection issues.

Article: German Transport Authority, Information Security Office Plan Cooperation on Autonomous Vehicles

The German Federal Motor Transport Authority (KBA) and the Federal Office for Information Security (BSI) recently signed an administrative agreement for cross-departmental cooperation to facilitate and accelerate the safe development of automated and networked driving.

Article: Ireland: Employee Vehicle Tracking And Guidance From the DPC

Due to the importance of data protection law for employee monitoring practices, a careful and considered approach must be taken when potentially highly intrusive methods, such as tracking employee vehicles, are used.

Alert: Federal Autonomous Vehicle Bill Includes Detailed Privacy, Cybersecurity Requirements

A detailed summary of the data protection and privacy provisions included in the federal Safely Ensuring Lives Future Deployment and Research in Vehicle Evolution (SELF DRIVE) Act.

Article: Connected Vehicles Covered by Data Protection Laws

Wards Auto: Today’s computer-aided vehicles compile a broad range of location, communication and other data, some of which can be used to identify the individuals using the car, or the car itself. This personal data falls under the scope of privacy laws such as the California Consumer Privacy Act and the EU’s General Data Protection Regulation.

Alert: European Commission Releases Autonomous Vehicle Privacy Recommendations

The EU recommendations for safeguarding basic privacy rights include obtaining informed consent for data processing, offering users various levels of privacy, protecting the rights of groups such as pedestrians, drivers and passengers and adopting transparency strategies.

Article: Protecting Data from Autonomous Vehicle Training: Guidance from the Lower Saxony DPA

Privacy Compliance & Data Security: Training autonomous vehicle navigation systems requires the collection of copious amounts of visual data, including images of license plates and recognizable faces. A regional German Data Protection Authority offers guidelines for processing and protecting that data. 

Article: EDPB Issues Draft Guidelines on Connected Vehicles

OneTrust Data Guidance: The European Data Protection Board’s guidelines encourage vehicle manufacturers to build-in “protection of personal data” during the design phase and call on all stakeholders, from car dealerships and repair shops to in-vehicle entertainment system providers, to prioritize data privacy.

Alert: We're All Connected: EDPB Publishes Draft Guidelines on Connected Vehicles

The European Data Protection Board published broad guidance on safeguarding the data collected by connected vehicles, including three categories requiring special attention: location data, biometric data and data that could reveal traffic offenses. 

Webinar: Connected Vehicles, Connected Data, Complex Compliance

In this OneTrust webinar, Odia joins Andreea Lisievici, Head of Group Data Protection Compliance at Volvo Car Corporation in Sweden to discuss the types of data that connected vehicles process and how that data is governed by the EU’s General Data Protection Regulation and the California Consumer Privacy Act.