How to handle data privacy issues in the car industry



Similar documents
New Ross Credit Union Web Site Statement

ACEA PRINCIPLES OF DATA PROTECTION IN RELATION TO CONNECTED VEHICLES AND SERVICES

Volunteer Driver Application Form

We respect your right to privacy. How The Mortgage Centre protects your information.

DISASTER RECOVERY INSTITUTE CANADA WEBSITE PRIVACY POLICY (DRIC) UPDATED APRIL 2004

USE OF STATE VEHICLES

GlaxoSmithKline Single Sign On Portal for ClearView and Campaign Tracker - Privacy Statement

Personal Information Protection Act ( PIPA ) Privacy-Proofing Your Retail Business Tips for Protecting Customers Personal Information 1

PRIVACY AND SECURITY POLICY

INTRODUCTION. Application of the Principles

The Ten privacy principles and our commitment to them are as follows:

Abilities Centre collects personal information for the following purposes:

Advanced Diagnostics Limited ( We ) are committed to protecting and respecting your privacy.

DARTFISH PRIVACY POLICY

Information About Our Organization and General Data Collection Practices. Lotlinx Website and Dealer Customers Marketing Efforts

PRIVACY POLICY. Effective: January 1, 2014 Revised: March 19, Privacy Policy Page 1 of 7

PRIVACY POLICY. Last updated February 2, 2009 INTRODUCTION

Sixty-fourth Legislative Assembly of North Dakota In Regular Session Commencing Tuesday, January 6, 2015

Part A) I. Focus areas from the perspective of the German Government s on automated and connected driving

Credit Union Code for the Protection of Personal Information

POLICY INVOLVING VEHICLE USE ON OFFICIAL COLLEGE BUSINESS AUTOMOBILES & OTHER MOTORIZED VEHICLES Last update: August 9, 2011

CHASE: YOUR RESOURCE FOR ALL YOUR FINANCIAL NEEDS

A+ Financial Services, Inc., A+ Auto Insurance Agency, Inc., and A+ Loans, Inc. Privacy Policy (Last updated 03/05/2014)

OUR ACTIVITIES IN THE COMPANY

Breakout A. Big Data

Iowa Student Loan Online Privacy Statement

debt collection software PRIVACY POLICY

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement

Advice of Accidental Death

Privacy Policy (Solitaire Automotive)

AUTO INSURANCE CLAIMS & RIGHTS

Custom House USA, LLC and Western Union Business Solutions (USA), LLC. Privacy Statement

myra Online Terms and Conditions

Crampton Credit Reporting Policy

Yuba County Administrative Policy & Procedures Manual

GE Money s Know Your Intermediary Broker Application

NOTICE OF PRIVACY PRACTICES

Taylor McEldowney Scholarship Application Companies hosting cloud computing services monitor and control

Allstate Indemnity Company Important Notice

LENS Program Checklist LENS Check performed by: (FOR OFFICE USE ONLY) Signature. LENS Check Results: (Please check one) ACCEPTABLE (5 or few points)

Coverage for Other People Using Your Car. Today s Lecture State Farm Car Policy. Other People s Use of Your Car - Example

Information Security Policy

U.S. HOUSE OF REPRESENTATIVES COMMITTEE ON ENERGY AND COMMERCE

Welcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully.

Independent Representative s Name: Code(s): Current AGA/MGA: The Applicant is requesting to Transfer to:

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information

1. TYPES OF INFORMATION WE COLLECT.

ICC/ESOMAR INTERNATIONAL CODE ON MARKET AND SOCIAL RESEARCH

2014 National Update: Service Contracts Ancillary Products

Estée Lauder Companies Global Jobs Website Privacy Policy

PRIVACY POLICY. Consent

Green Pharm is committed to your privacy. We disclose our information practices below and we agree to notify you of:

Privacy Policy & Identity Theft Prevention Program

How to make Uber work in Hong Kong

Employment Application Form

PERSONAL INFORMATION PRIVACY POLICY FOR EMPLOYEES AND VOLUNTEERS [ABC SCHOOL]

14724 Ventura Blvd., Suite 1205 Sherman Oaks, CA Firm Contact: Matt Stadelman Chief Compliance Officer

PIPEDA and Online Backup White Paper

PRIVACY POLICY (Update 1) FOR ONLINE GIVING FOR THE UNITED METHODIST CHURCH

Privacy Policy for Bell s Finder Services & Business Tracking Services

Policy Implications: Privacy, Security and Liability Big Data in Telecom. June TIA 2012: INSIDE THE NETWORK Dallas TX

Please read this Policy carefully. Your continued use of our sites means that you understand and consent to the terms of this Policy.

NATIONAL CONFERENCE OF INSURANCE LEGISLATORS (NCOIL) Proposed Model Act Regarding Motor Vehicle Crash Parts and Repair

Burke and Herbert Bank 100 S. Fairfax Street Alexandria, VA (703) ELECTRONIC FUND TRANSFER DISCLOSURE

4.7 Website Privacy Policy

Packerland Broadband Subscriber Privacy Notice

Written Submission to the Canadian Council of Insurance Regulators Credit Scoring Working Group

Guardian Angel Community Services Privacy Policy. Web site Policy:

HOME TRUST COMPANY PRIVACY NOTICE/PRIVACY CODE for Creditworx/Home Owner Merchant Express

What to do When Faced With a Privacy Breach: Guidelines for the Health Sector ANN CAVOUKIAN, PH.D. COMMISSIONER

Connected car, big data, big brother?

Explanation where the company has partially applied or not applied King III principles

LIDL PRIVACY POLICY. Effective Date: June 11, 2015

INVESTIGATION REPORT

CHAPTER 8 Licenses and Permits Solicitors and Transient Merchants

Application to access Chesters Trade

Improving Consumer Protection for Vehicle Repairs

Exhibit 2. Business Associate Addendum

Regulation P: Privacy of Consumer Financial Information. Frequently Asked Questions

ECSA EuroCloud Star Audit Data Privacy Audit Guide

ORIGINAL HOUSE BILL NO ENROLLED ACT NO. 31, HOUSE OF REPRESENTATIVES FIFTY-SEVENTH LEGISLATURE OF THE STATE OF WYOMING 2003 GENERAL SESSION

LATISYS SAFE HARBOR POLICY

Substantive Requirements for a Registered Investment Adviser under the U.S. Investment Advisers Act of 1940

Code of Ethics. for Financial Professionals

Pulaski Bank. Electronic Funds Transfer ELECTRONIC FUND TRANSFER AGREEMENT AND DISCLOSURE

Part II Corporate Governance System and the Duties of the Board of Directors, etc

PRIVACY POLICY. In this policy, the terms Adelaide Unicare and The Practice are used interchangeably and mean the same.

DATA RETENTION POLICY

FINANCING

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

The Manitoba Child Care Association PRIVACY POLICY

Privacy Policy and Notice of Information Practices

1 LAWS of MINNESOTA 2015 Ch 67, s 2. CHAPTER 67--S.F.No. 86 BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:

Best Practices for the Use of RF-Enabled Technology in Identity Management. January Developed by: Smart Card Alliance Identity Council

Privacy Policy. Effective Date: November 20, 2014

Loan Application. Applicant 2 Co-borrower. Applicant 1 The borrower. Personal Details. Member Number. Title. Surname. Given names.

PRIVACY POLICY The type of web browser and operating system you have used:

Privacy Policy EMA Online

FIDO: Fast Identity Online Alliance Privacy Principles Whitepaper vfeb2014

Transcription:

How to handle data privacy issues in the car industry Björn Kjellén Chief information security officer (CISO)

introduction The Automotive industry is now delivering vehicles with connectivity for exchange of information, provision of services, emergency assistance, support of road safety and traffic planning, etc.. Many of these services require the location being sent from the cars which is regarded as sensitive information in many cases. In addition, it s possible to calculate the speed along the trip which is a concern as well. What kind of data do the car companies collect and how must this information be handled? Customer provided personal data You as a customer provides contact, vehicle, purchase, preferences information to the car companies via dealers, customer centers, websites, etc. Vehicle generated and recorded data The vehicle is automatically collecting data from the car and the surroundings, and is mainly of technical nature. This data is connected to the identification number of the car and might be traceable to you. It can include data about safety, in car system status, driving data, location, etc. 2

Why Vehicle data privacy principles is needed! The connectivity technology will give a lot of opportunities to provide convenience and services to the customers which requires collection of personal related data from the cars and from the consumer directly. Customer trust is essential to the success of vehicle connectivity technologies and services. It s about not only following legal requirements but also being an ethical company. Vehicle data will also support common services such as traffic status and planning, road safety, parking optimization, etc. The car industry must ensure that these vehicle technologies and services can deliver benefits to the customers while respecting their privacy. Vehicle data might be collected and sent from the car in an emergency situatation (E-call) or used in a legal process. The car industry must, besides the vehicle legislation, also take laws about Data Privacy into account when developing cars. 3

Consumer Privacy protection principles Transparency Choice Consent Data use Data Security Disclosures to third parties Marketing On request, provide the customer with clear notices about what data for which purposes the car company processes (collection, use and sharing). The customer, Owner or Registered Driver, is in the possession of the car and by that owns the data in the car. It s the customer s choice to share the data or not. The request for consent to process the customer s data must be clear and explicit. The consent must always be possible to revoke when the customer wants to do so. In some cases data must be collected from the car without having the consent in order to provide car maintenance, enhance quality, manage warranty issues and for legal reasons. The collected personal data is used for providing information about products, services, updates, support, offerings, etc. The data is also used for improving vehicle performance, quality and safety, and to comply with legal requirements. The data must only be retained as long it s necessary to fulfill the purpose as outlined at collection. The car company must implement reasonable measures to protect the processed customer information against unauthorized access, maintain the integrity and ensure availablity when needed. The car company must only disclose the personal data to a third party, after the customer s consent, when needed to provide maintenance, product information, offerings, etc. It might also be required due to a legal process. The car company should not sell or trade the customer s personal data without a consent 4

references Volvo Cars Customer Privacy Policy Auto Alliance Privacy Principles bjorn.kjellen@volvocars.com 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information