- Connected cars are “terminal equipment” and consent under the ePrivacy regime is required.
- Connected cars are IoT devices.
- Geolocation is very sensitive; don’t collect unless necessary.
- Implement data protection by design and default at every stage.
- Connected cars pose unique challenged for transparency and consent – you must find ways to overcome them.
These are some of the key takeaways from the European Data Protection Board’s draft guidelines on connected vehicles.