Modern infotainment system: what does the computer in the car know about the driver?
Photo: IMAGO / IMAGO/Cover Images
On the way to work, your favorite station is playing on the car radio.
All important contacts are stored in the memory of the hands-free system.
And the navigation system knows exactly which places you are headed for.
It also knows where you live and where you work.
These are just a few examples of the data that modern cars store about their drivers and their driving habits – and sometimes share with the manufacturer.
According to the rules of the General Data Protection Regulation (GDPR), users must agree to this.
But which data is shared exactly and what the recipients do with it often remains in the dark.
Users only have access to a small amount of data
One thing is certain: Up to 120 control units in a car regularly collect data.
“All suppliers use microchips, including for safety and comfort features, as well as for the infotainment system,” explains Sven Hansen from the IT trade magazine “c't”.
"During operation, a lot of data accumulates in the individual control units that a driver has no access to, but which is so specific that conclusions can be drawn about the driver and his driving behavior."
Much of it is not stored for long, but is permanently overwritten.
However, drivers only have access to a small amount of data.
This includes information in the navigation system and in the entertainment system.
"But the engine data alone allows conclusions to be drawn about a certain driving behavior, such as the engine speed or how often the accelerator pedal was depressed," says Hansen.
Not all data is obvious
But who can see this data?
According to the GDPR, the manufacturer must explain the purpose for which data is collected in the car and what happens to it.
Telematics services and insurers, for example, are interested in using such data to optimize their products.
Nathalie Teer, Mobility & Logistics consultant at the IT industry association Bitkom, differentiates between data that must be collected and data for additional convenience features and services.
"The amount and the respective data partly depends on the vehicle and the brand," says Teer.
According to Teer, the legislator specifies many parameters that must be collected for the purpose of safety and testing.
"Some of the data only goes to the manufacturer and is not visible to customers at first glance." This included, among other things, information that is read from the control unit during the general inspection.
Access via infotainment system and apps
On the other hand, data stored for optional functions such as music services, driving settings and navigation can be viewed easily, says Teer.
"Users must actively agree to certain functions and will be informed about the whereabouts of the data." This applies in particular when data is shared with third parties.
Via dashboards in the vehicle's infotainment system or via connected apps, drivers often receive overviews in order to grant approvals, withdraw them or delete data.
All data in the vehicle is relevant for data protection, says Darmstadt professor for network security Christoph Krauss.
"As soon as vehicle data can be linked to the vehicle identification number or the license plate number, these are to be regarded as personal because, among other things, movement profiles can be created," explains Krauß, who coordinates the Secure Autonomous Driving department at the Athene Research Center.
According to Krauss, some data are particularly relevant to safety, such as the control data for the brakes.
Manipulation of this data can have devastating effects.
Many value-added functions also use personal data.
For this purpose, when the smartphone is synchronized with the car, data about the location search, filling levels, locking and remote diagnosis of the car are sent.
Cars also collect information in the E-Call automatic emergency call system and when communicating with other road users.
EU rules for in-car cybersecurity
The data is not always stored locally, i.e. in the vehicle itself, but often ends up on the manufacturer's servers or goes to third-party providers.
It depends on the make, model and year of the vehicle.
"Drivers can hardly protect themselves against cyber attacks and have to trust that the manufacturers have secured their vehicles and backend systems well," says Professor Krauss.
»For potential attackers, the manufacturer's backend with its large amount of data is much more interesting than a single vehicle.
So these connections are more likely to be attacked.”
In the past there have been repeated attempts to copy or manipulate data.
That's why there are a number of security precautions in modern vehicles, says Krauss: "To protect against a compromised smartphone connected to the infotainment system, for example, vehicle electrical systems are divided into domains so that access to safety-critical systems such as the brakes is not easily possible."
New cars should be safer
With the UNECE regulations R155 (Cybersecurity Management System) and R156 (Software Update and Software Update Management System), which have been in force since July 2022 for new type approvals, the EU has laid down guidelines for this.
There, for example, the digital separation of owner and vehicle is regulated.
However, it also contains specifications for the cyber security of vehicle concepts and mechanisms for secure software updates.
Vehicle manufacturers must also demonstrate a Cyber Security Management System (CSMS), which includes processes and measures that are suitable for repelling cyber attacks or combating them quickly.
And that over the entire service life of the vehicle.
The measures provided for by UNECE regulation R155 are intended to protect vehicles from unauthorized access.
From July 2024, the regulation will apply to all newly produced vehicles.
Be careful when selling
Sven Hansen advises resetting all systems before selling a car.
In addition to the entertainment system with navigation system and address book, this also includes the stations stored on the radio and any comfort settings.
"Owners tend to forget to delete suitable apps or cloud connections with the car, which allows them further access to the car," says Hansen and warns: "But the electronic band must be completely cut."
The ADAC recommends a separate deregistration for apps preinstalled in the infotainment system, such as music streaming applications, before the vehicle is sold.
It is also important to unlink remote apps that can be used to remotely control the car or car functions via smartphone.
The complete deletion of personal data in the infotainment system is only possible via the "Reset to factory settings" function.
Right to data erasure hardly enforceable
"Drivers have the legal option of having their data checked and deleted," explains ADAC Technical President Karsten Schulze.
"In practice, however, this is not possible because it is not clear which data is collected for whom and for what purpose." Consumers cannot see through the data flow, more transparency is necessary.
According to Schulze, it would be ideal to have a list of all the data collected for each car model.
"Drivers can then decide for themselves which data they want to have deleted." It would also be practical to have an onboard interface in the car that would allow access to the data and which could be used to make data available to third parties if desired.
In the future, independent workshops could also work better and more easily on cars.
Sven Hansen advises anyone who sells a car to inform the manufacturer's data protection officer that there has been a change of ownership and that the manufacturer should delete all data: "Every customer has a right to it, and he is on the safe side from data misuse. «
It is not yet possible to completely reset a car, says Hansen.
Somewhere the previous owner is still stuck in the car: even if the connection is only the memory function of the automatic transmission for the shift times.