
Future mobility depends on responsible data handling

Mahadevan Vanchiswaran highlights the privacy risks of modern IVI systems and the importance of data stewardship

In-vehicle infotainment (IVI) systems have evolved substantially over the past few years, transitioning from radios with buttons and knobs to cockpit-based architectures with multiple displays and touch screens across the vehicle. This shift is enabled by supporting technology such as operating systems that support connectivity and multi-application infrastructure, like Automotive Android or Automotive Grade Linux.

Modern infotainment systems also offer increased infrastructure support for third-party applications through external marketplaces like Google Play Store or the automakers’ app stores. With increased connectivity and application ecosystems, privacy protection, including options for users to operate their vehicle in a private mode, becomes paramount.

Conventional touchscreen-based infotainment systems are generally equipped with applications that allow users to control various in-vehicle features, such as HVAC or radio applications. These are generally developed by OEMs or their partners, and the behaviour and compliance of these applications are strictly controlled. Most of these applications do not require internet connectivity, with little to no risk of user data leaving the vehicle.

Growing focus on privacy

A significant percentage of modern infotainment systems are developed on Automotive Android, which offers support for third-party applications. In an automotive environment, these are predominantly music and video streaming services, with gaming applications constituting a comparatively smaller subset. These applications typically require internet connectivity to operate, and both users and automakers have limited insight into how they function internally.

Applications developed on infotainment platforms like Android also have access to a range of information, such as vehicle location, driving behaviour, call logs and messages, contacts, and speech utterances in the cabin. These systems generally have permission models in place, where users must grant permission for an application to access such information. However, neither the users nor OEMs have insight into how these applications will use this information once permission is given, including whether data is correlated across sources and what data (if any) is collected and transmitted offboard.

Furthermore, cars are often treated as shared spaces, both within households and in external contexts, such as rental and ride-sharing services. Users will expect personal data like recent destinations or video streaming preferences to remain private in such situations. Some of the key privacy risks include:

  • Excessive and opaque data collection.
  • Law enforcement access to automotive data without following due process.
  • Ability to infer lifestyle patterns and behavioural data.
  • Mass surveillance.
  • Ability to infer movement patterns and personal routines from location.

Addressing privacy concerns

The evolution of infotainment systems, combined with the growing classification of certain automotive data as sensitive personal information, has prompted regulatory frameworks like GDPR (EU) and CCPA/CPRA (California) to impose requirements around transparency, data minimisation, user consent, and enforceable rights over how data is collected, shared, and retained.

On top of that, the growing connected ecosystem has prompted automakers and technology providers to invest more in privacy-by-design approaches. Privacy options are provided for users, who can choose whether, and which, applications can have access to the internet and location, or remain fully private. There are also options to opt in to or out of marketing and analytics data.

For shared vehicles like rental cars, users can create a user profile, use it for the required duration, and delete it before returning the vehicle. Data is not shared between different user profiles, and automakers are providing options for clearing personal data remotely from a smartphone application. Users can also exercise the factory reset option when the vehicle is no longer intended for use, such as prior to sale.

In the era of connected cars, privacy should be seen not as an option, but as a necessity. The future of mobility will depend on how responsibly automotive data is handled. Prioritising privacy ensures trust and regulatory compliance, helping to build long-term success in this ecosystem.


The opinions expressed here are those of the author and do not necessarily reflect the positions of Automotive World Ltd

Mahadevan Vanchiswaran is Principal Solution Architect at Stellantis
