With Data Protection to Data Treasure – But How?

The increasing prevalence of connected cars and advanced driver assistance systems makes vehicles more than just means of transport. They are computers on wheels that collect and transmit huge amounts of data. This data can include everything from location information and driving behaviour to biometric data and even personal preferences. Safe handling of them has become all the more important.

Data Protection

By Wolfram Stein, Business Development Manager bei der CAR Information Services GmbH

Data in the automotive industry can be used to improve the driving experience and make vehicles safer. However, the handling of them should always comply with the applicable regulations. Car manufacturers are, therefore, well advised to prioritise data protection and security already in the design and development of their vehicles.

Data security comes first

One of the most critical steps car manufacturers can take to protect the privacy of drivers and passengers is to implement robust data protection measures. This may include data encryption in transit and at rest, and firewalls and intrusion detection systems to prevent unauthorised access to vehicle systems.

In addition, car manufacturers must ensure that they only collect the data necessary for the vehicle’s operation or the provision of certain services. They must also obtain explicit consent from drivers and passengers before collecting personal data and provide clear and transparent information on how this data will be used and shared. An important aspect is also the need to minimise data retention periods. As soon as the data is no longer needed for its original purpose, it should be deleted or anonymised to prevent misuse or unauthorised access. Car manufacturers should establish clear protocols for data breaches and work closely with regulators to ensure that their privacy and security practices comply with applicable laws and regulations.

Data protection and data sovereignty for independent workshops

Data protection and data sovereignty are also indispensable for SMEs from the automotive sector, including independent car repair shops. Companies should take appropriate measures to protect personal data and trade secrets and to comply with legal requirements. Here is why:

1. Protection of personal data: Independent car repair shops often collect personal data from customers, such as names, addresses and contact details. Protecting this data is not only a legal obligation but also builds trust with customers.

2. Prevention of data misuse: Data protection measures also help to prevent the misuse of data by third parties. Appropriate security precautions are required when storing data in digital systems, in particular.

3. Compliance: SMEs in the automotive sector must meet certain data protection requirements in order to comply with legal regulations such as the General Data Protection Regulation (GDPR). Non-compliance can result in heavy fines.

4. Competitive advantage: Companies that take data protection and data sovereignty seriously can position themselves as trustworthy partners towards customers and business partners. This can be an important competitive advantage.

5. Protection of trade secrets: The protection of trade secrets is also of great importance for companies. Data sovereignty here means that companies can decide for themselves what data they share and with whom.

Dealing with data in Car Repair 4.0

Car Repair 4.0 is driving the digitalisation of car repair shops. By using digital systems and technologies, car repair shops can work more efficiently and provide better service to their customers. At the same time, however, the amount of data that is collected and processed is also increasing. To ensure data protection and data sovereignty, car repair shops should, therefore, take certain measures: You should only collect and store the data that is necessary for the operation of the Car Repair Shop. Data should always be stored encrypted to ensure confidentiality. Access to sensitive data should be limited to staff who need the information. If data is passed on to third parties, appropriate contracts should be concluded to ensure data protection.

Gaia-X creates trust

Gaia-X is a European project to create a secure and trustworthy data infrastructure. The aim is to build an infrastructure that enables companies to share and process their data without hesitation. Gaia-X offers the following advantages for car repair shops and other companies in the automotive sector:

  • Data sovereignty: Companies retain control over their data and can decide for themselves what data they share and with whom.
  • Security: Data is stored and processed on a secure infrastructure to ensure confidentiality and integrity.
  • Trust: By creating a trustworthy data infrastructure, companies can gain the trust of their customers and business partners.

Where is the journey of data going?

A solution is within reach. In this way, a legally secure digital identity for motor vehicles creates access to all digital services in the aftermarket, independent of manufacturer and across systems. Taking into account the legal requirements of data and consumer protection in dealing with motor vehicle data, it should thus be possible for the data sovereign, i.e. the owner and user of a motor vehicle, to control access to their data. The data sovereign becomes a data trustee on their own behalf. An approach that the German Minister of Consumer Protection already took in 2019. Access to the data could then be managed anytime and anywhere by the data sovereign – for example via a smartphone app.

Did you like this article? Then subscribe to our newsletter and receive regular updates on related topics and the Service-Meister project and discuss this and similar exciting topics with us in our LinkedIn group.

Share on
About Ralf Schädel
Ralf Schädel is an IT editor, speaker, and project manager at eco - Verband der Internetwirtschaft e.V. in the field of cloud services and Gaia-X. For more than 20 years, the publishing editor has been publishing and speaking in the area of editorial communication of daily newspapers such as the Bonner Rundschau and the Kölner Stadtanzeiger, publishing houses such as Medienhaus, where he was the content-responsible editor for the trade magazine IT-Mittelstand and to whose sister publication IT-Director he contributed. He also handled editorial topics at agencies such as Kernpunkt, the digital agency i22 and PR Partner (now Palmer Hargreaves) as well as in corporate communications at Deutsche Telekom. At eco, Ralf is responsible in particular for the communication of the projects Autowerkstatt 4.0 and Service-Meister. His professional profile: LinkedIn, Xing.