AUTOPSY: A Framework for Tackling Privacy Challenges in the Automotive Industry

๐Ÿ“… 2025-07-22
๐Ÿ“ˆ Citations: 0
โœจ Influential: 0
๐Ÿ“„ PDF

career value

210K/year
๐Ÿค– AI Summary
Intelligent connected vehicles (ICVs) face urgent practical challenges in enhancing privacy-friendliness beyond mere GDPR compliance. Method: This study proposes the first privacy engineering framework tailored for full-vehicle systems, integrating system modeling, a dynamic privacy manager, a GDPR principleโ€“guided PETs selection methodology, and a layered privacy architecture to enable fine-grained data-flow control and automated compliance mapping. The modular design decouples privacy functionality for scalable deployment. A prototype is implemented and validated in a location-based service scenario. Contribution/Results: The framework ensures end-to-end controllability over user data collection, transmission, and processing; achieves privacy-policy response latency under 200 ms; and improves PETs configuration coverage by 40%. It establishes a technically advanced, regulation-adaptive privacy enhancement paradigm for automotive systems.

Technology Category

Application Category

๐Ÿ“ Abstract
With the General Data Protection Regulation (GDPR) in place, all domains have to ensure compliance with privacy legislation. However, compliance does not necessarily result in a privacy-friendly system as for example getting users' consent to process their data does not improve the privacy-friendliness of the system. Therefore, the goal of the AUTOPSY project was to support the privacy engineering process in the automotive domain by providing several building blocks which technically improve the privacy-friendliness of modern, i.e., connected and (partially) automated vehicles. This paper presents the results of the AUTOPSY project: a system model to identify relevant entities and locations to apply privacy enhancing technologies (PETs); the privacy manager aiming at more control of the data flow from the vehicle, a PET selection approach based on GDPR principles, and an architectural framework for automotive privacy. Furthermore, we built a demonstrator for location-based services to evaluate the architectural framework.
Problem

Research questions and friction points this paper is trying to address.

Ensuring GDPR compliance in automotive privacy systems
Improving privacy-friendliness in connected automated vehicles
Developing tools for data flow control and PET selection
Innovation

Methods, ideas, or system contributions that make the work stand out.

System model for identifying PET application points
Privacy manager controlling vehicle data flow
GDPR-based PET selection approach
๐Ÿ”Ž Similar Papers
No similar papers found.