Germany’s Federal Commissioner for Data Protection, Andrea Voßhoff, has given her view on data protection in digitised traffic systems with her “13 Recommendations” in relation to automated and connected cars. In a public presentation held at the symposium “Data protection in automated and connected cars” in Berlin on 1 June 2017, she stated that car users should have a “full control of the use of personalized vehicle data” (see in German here).
Non-binding, but relevant – focus on transparency
The Recommendations are non-binding. They are recommendations for the industry (suppliers, car manufacturers, and other data controllers) to give shape to the requirements of transparency and “privacy by design”. At the same time, they provide orientation for the German regional data protection authorities when interacting with data controllers and processors, and enforcing the law. Based on the principle to safeguard the driver’s privacy and his constitutional “right of informational self-determination”, drivers shall be able to access relevant personal data and request data deletion, unless the collection and storage of their data is justified in law. The Recommendations stand in line with previous statements and guidance notes issued by data protection authorities and the Association of German Car Manufacturers (VDA) (see from 2014 and 2016 in German).
Recommendations in detail:
The Recommendations are deliberately short, in order to be clear and actionable.
Recommendation 1: Car users shall be clear on which personal data may be collected without the car user’s consent, and hence are based on a justification in law.
Recommendation 2: If necessary, the user shall be in a position to access all information relating to the processing of his personal data, e.g. via the dashboard.
Recommendation 3: Processing operations in cars and for data-driven services shall be limited to the extent strictly necessary. The same applies for car-to-car communication in intelligent traffic systems.
Recommendation 4: Storage of personal data is generally not required in the normal driving mode. Data that are being processed for car-to-car communication shall, in particular, be protected from unauthorized use or recording by means of encryption.
Recommendation 5: Data shall be anonymized if the processing purpose does not require drawing on processing personal data.
Recommendation 6: If automated driving requires recording the car’s surroundings, such recordings shall be deleted once they are no longer necessary for fulfilling the respective purpose.
Recommendation 7: Security measures, including those applied for authentication purposes in car-to-car communication, shall not create unnecessary data protection risks.
Recommendation 8: Users need technical configurations that allow or limit access to specific categories of data, unless mandatory provisions stipulate otherwise.
Recommendation 9: Car manufacturers shall implement “privacy by default” (default settings / Voreinstellungen) in their cars. Users shall be able to set the functions such that their driving behaviour is revealed as little as possible.
Recommendation 10: Car manufacturers shall design the driving and convenience functions in such a way that processing operations take place within the vehicle. The use of certain function shall not be contingent on (actually unnecessary) external data processing.
Recommendation 11: Car users shall be able to easily delete personal data, and, as with smart phones, to reset the digital status of the car to the state at delivery, unless mandatory provisions stipulate otherwise.
Recommendation 12: Unauthorized access to the storage units of the car as well as any manipulation of the data collected shall be excluded.
Recommendation 13: Online communication components shall be designed in such a way that they provide effective protection against cyber attacks.
The German Federal Government is determined to pave the way for automated and connected cars in Germany and to take a lead role in shaping the framework of the future. It has passed new rules on automated driving in March 2017 (bill of 29 March 2017 here; see our Newsflash on the draft bill here and preceding discussions we presented earlier here.