• Courses
      • Executive Management Courses
      • Global Series of National Privacy Laws
      • Netherlands Privacy Academy (in Dutch)
      • Caribbean Data Protection Academy
    • Resources
    • Join GADPPRO ACADEMY
      • Join GADPPRO Academy as an Official Partner
      • Become an Official GADPPRO Training Entity
      • Join the GADPPRO Business Academy
      • Secretariat & International Training Centre
      • Contact Us
    •  
      • RegisterLog in
    Privacad GADPPRO Academy
      • Courses
        • Executive Management Courses
        • Global Series of National Privacy Laws
        • Netherlands Privacy Academy (in Dutch)
        • Caribbean Data Protection Academy
      • Resources
      • Join GADPPRO ACADEMY
        • Join GADPPRO Academy as an Official Partner
        • Become an Official GADPPRO Training Entity
        • Join the GADPPRO Business Academy
        • Secretariat & International Training Centre
        • Contact Us
      •  
        • RegisterLog in

      Blog

      Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications

      • Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
      • Date October 9, 2020

      Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications

      Section 2.7  Security and confidentiality

      90. Vehicle and equipment manufacturers, service providers and other data controllers shall put in place measures that guarantee the security and confidentiality of processed data and take all useful precautions to prevent control being taken by an unauthorised person. In particular, industry participants should consider adopting the following measures:

      • − encrypting the communication channels by means of a state-of-the-art algorithm;

      • − putting in place an encryption-key management system that is unique to each vehicle, not to each model;

      • − when stored remotely, encrypting data by means of state-of-the-art algorithms;

      • − regularly renewing encryption keys;

      • − protecting encryptions keys from any disclosure;

      • − authenticating data-receiving devices;

      • − ensuringdata integrity (e.g., by hashing);

      • − make access to personal data subject to reliable user authentication techniques (password, electronic certificate, etc.);

      91. Concerning more specifically vehicle manufacturers, the EDPB recommends the implementation of the following security measures:

      • − partitioning the vehicle’s vital functions from those always relying on telecommunication capacities (e.g., “infotainment”);

      • − implementing technical measures that enable vehicle manufacturers to rapidly patch security vulnerabilities during the entire lifespan of the vehicle;

      • − for the vehicle’s vital functions, give priority as much as possible to using secure frequencies that are specifically dedicated to transportation;

      • − setting up an alarm system in case of attack on the vehicle’s systems, with the possibility of operating in downgraded mode;

      • − storing a log history of any access to the vehicle’s information system, e.g. going back six months as a maximum period, in order to enable the origin of any potential attack to be understood and periodically carry out a review of the logged information to detect possible anomalies.

      92. These general recommendations shall be completed by specific requirements taking into account the characteristics and purpose of each data processing.

      • Share:
      User Avatar
      Richard V

      Previous post

      Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications
      October 9, 2020

      Next post

      Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications
      October 9, 2020

      You may also like

      Children Safety Encryption www.privacad.com
      Apple’s New Step to Protect Child Abuse via Encryption Feature
      20 August, 2021
      DNA Technology and Privacy www.privacad.com
      DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
      19 August, 2021
      www.privacad.com
      India accuses Twitter of not complying with new IT rules
      18 August, 2021

      Search

      Categories

      • Blog
      • Business
      • Design / Branding
      • Free Data Protection Resources
      • Nederlandse Privacy Academie
      • Uncategorized
      Facebook-f Linkedin-in

      © Privacad 2020

      For all your questions about courses

      students@privacad.com

      For all your questions about Privacad for business

      info@privacad.com

      Links

      • Courses
      • Become a GADPPRO Academy Official Training Entity
      • Resources
      • Free Data Protection Resources
      • Blog
      • Profile
      • Students Stewards Network (SSN)

      Support

      • Privacy Policy
      • Terms of Use
      • FAQs
      • Contact

      © GADPPRO Academy | Privacad 2023

      GADPPRO Academy 2023

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account

      Are you a member? Login now