The European Union (EU) General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of the personal information of individuals within the EU. Since some of the data that’s generated from connected cars may be personal data, companies that collect and use this data must build processes and technology for GDPR compliance.
Clear Consent Management
The GDPR requires that consent for collecting information must be freely given and unambiguous, and not inferred from inaction. In addition, data collectors cannot condition providing goods or services based on a data subject’s (consumer’s) consent. The Otonomo Consent Management Hub provides our partners with one way to implement these requirements. However, data collection occurs under the terms of agreements between data subjects and their automotive OEMs and service providers.
Robust Data Blurring
GDPR addresses “pseudonymous data,” which is information that no longer allows for the identification of an individual without additional information that is kept separate from it. Otonomo can support pseudonymous identifiers for certain use cases. The Otonomo Dynamic Blurring Engine also applies multiple types of blurring techniques to a range of data to protect driver privacy.