A Systematic Approach for Automotive Privacy Management

As of today, car manufacturers are currently addressing privacy goals primarily from a legal perspective. However, with the common acceptance of privacy by design, it is important to also address the technical perspective. As of today there is no systematic understanding or even approach how to address privacy requirements. Our contribution is twofold: (i) We propose a system model for the automotive domain to model and analyse a use case for suitable locations of adding privacy enhancing technologies. (ii) As a generic solution, we propose the privacy manager, a generic entity which supports applications in the implementation of privacy enhancing technologies or enforces a certain data flow avoiding that information is leaked in an avoidable way. To evaluate our approach, we apply our system model at two automotive scenarios, platooning and silent testing, and describe how the privacy manager can be used to integrate privacy considerations early on. In general our proposed system model was easily applicable to the two chosen use cases.