AIthena D2.3 Privacy-preserving methods

Addressing Data Privacy in CCAM

What kind of data do cars collect? How does AI use data in cars? What privacy measures are in place and what are the researchers in the AIthena project proposing?

Today’s vehicles collect large amounts of data, such as vehicle location, tyre pressure status, the proximity of objects in the vehicle’s vicinity, vehicle maintenance information and much more. This data is collected by various sensors and systems in the vehicle and is then processed by, and used to train, artificial intelligence models.

As part of the Connected, Cooperative and Automated Mobility (CCAM) spectrum, data collected in vehicles is being used to perform advanced vehicle functions and features, from advanced lane keeping systems to hands-free parking. But how is all this data being stored, and how is it being processed by AI to make decisions?

The AIthena project addresses these issues and aims to improve the explainability and accountability of AI in CCAM. Among these issues, the treatment of privacy is a major concern.

In Europe, data regulation largely refers to the General Data Protection Regulation (GDPR), which contains the basic principles of data protection and applies to the processing of personal data, that is, data relating to an identified or identifiable natural person. Currently, there is no specific data regulation for mobility and connected vehicles, which makes the GDPR the main reference point for data processing in modern vehicles.


Since the GDPR governs the processing of personal data, researchers in the AIthena project suggest anonymising or pseudonymising data where appropriate. Anonymisation removes the link to a person irreversibly, so the result is no longer personal data; pseudonymisation replaces the identifier with a token that can be linked back to the person only with additional information (such as a key or lookup table) that is held separately. The choice between the two depends on the purpose of the data use.

If a pedestrian is crossing the road and a vehicle detects that pedestrian, anonymised data is preferred, as there is no need to identify individual pedestrians or other road users in traffic. Similarly, the researchers suggest that all traffic data that can be linked to a person should be anonymised, including vehicle number plates.

However, when a driver makes changes to their vehicle or decides to send information to a vehicle manufacturer, pseudonymisation is the better way to process the information: the manufacturer can later share specific results with the driver, if required, without the shared dataset itself revealing the driver’s personal data.
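The two treatments described above, as an added example that is not code from the AIthena deliverable or project: number plates are anonymised by discarding the identifying part, and driver-submitted data is pseudonymised with a keyed HMAC whose key and lookup table stay with the controller. The plate format (two letters, three digits, two letters), the sample plates, the vault class and the choice of the manufacturer as controller are assumptions made for illustration. The block also shows the caveat a practitioner should check: an unkeyed hash of a plate is not anonymisation, because the whole plate space is small enough to enumerate offline.

```python
"""Anonymisation vs keyed pseudonymisation of vehicle number plates.

Added example, not code from the AIthena deliverable. Plate format, key
handling and the vault are assumptions made for illustration.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Iterable, Optional

# Constructed sample detections (not real data). Assumed plate format:
# two letters, three digits, two letters.
SAMPLE_PLATES = ["AB123CD", "ZZ999YY", "AB123CD"]


def anonymise_plate(plate: str) -> str:
    """Irreversible: keep only the (assumed) two-letter region prefix that a
    traffic-flow model may still need and discard the rest. No key, no
    lookup table, so nothing can be linked back to the vehicle."""
    return plate[:2] + "*" * (len(plate) - 2)


def unkeyed_hash(plate: str) -> str:
    """What NOT to do: a plain hash looks anonymous but is reversible."""
    return hashlib.sha256(plate.encode()).hexdigest()


def recover_from_unkeyed_hash(digest: str, candidates: Iterable[str]) -> Optional[str]:
    """Re-identification by enumeration. The assumed plate space holds
    26^4 * 10^3 (about 4.6e8) values, cheap to hash offline, so an unkeyed
    hash of a plate is at best pseudonymous, never anonymous."""
    for cand in candidates:
        if unkeyed_hash(cand) == digest:
            return cand
    return None


class PseudonymVault:
    """Pseudonymisation: HMAC-SHA256 under a secret key. The key and the
    pseudonym -> identity map are held by the controller (assumed: the
    manufacturer), separately from the dataset handed to analysts, so the
    manufacturer can still contact the driver later while the shared data
    carries only pseudonyms."""

    def __init__(self, key: Optional[bytes] = None):
        self._key = key or secrets.token_bytes(32)
        self._lookup: Dict[str, str] = {}

    def pseudonymise(self, identifier: str) -> str:
        """Same identifier -> same pseudonym, so records stay linkable."""
        tag = hmac.new(self._key, identifier.encode(), hashlib.sha256)
        pseudonym = tag.hexdigest()[:16]
        self._lookup[pseudonym] = identifier
        return pseudonym

    def resolve(self, pseudonym: str) -> Optional[str]:
        """Only the controller, holding the map, can reverse a pseudonym."""
        return self._lookup.get(pseudonym)

    def forget_identities(self) -> None:
        """Destroying the key and the map removes the link to the person;
        the pseudonyms already issued then cannot be reversed by anyone."""
        self._key = secrets.token_bytes(32)
        self._lookup.clear()


if __name__ == "__main__":
    print([anonymise_plate(p) for p in SAMPLE_PLATES])
    vault = PseudonymVault()
    token = vault.pseudonymise(SAMPLE_PLATES[0])
    print(token, vault.resolve(token))
    vault.forget_identities()
    print(vault.resolve(token))
```

Note that `pseudonymise` truncates the HMAC to 64 bits purely to keep tokens short; for a production vault the full digest is the safer choice, and the key must be stored and rotated under the controller's own key-management policy.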

In the AIthena project, researchers are also proposing a federated learning method for vehicles. Here the training data stays decentralised on each vehicle, and only model updates (such as trained parameters) are sent to a central aggregator, for example in a cloud environment, which combines them into a shared model. This differs from traditional machine learning, where the raw data from every vehicle is collected in one central location and the model is trained there.

Researchers recognise that federated learning carries inherent security risks (for example, a compromised vehicle submitting malicious model updates, or the shared updates leaking information about the local training data), but they also see the potential benefits in terms of collaborative learning and improved performance.
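The federated setup described in the two paragraphs above, as an added example that is not code from the AIthena deliverable or project: each vehicle trains on its own constructed data, the aggregator receives only parameters and sample counts, and a single malicious participant sending a fixed bogus update illustrates the poisoning risk and why the aggregation rule matters. The model (a one-dimensional linear fit), the local training loop, the sample data, the constant poisoned update and the coordinate-wise median as an alternative aggregator are all assumptions made for illustration.

```python
"""Federated averaging across vehicles, raw data kept on each vehicle.

Added example, not code from the AIthena deliverable. Model, training loop,
data, the poisoned update and the median aggregator are illustrative choices.
"""
import random
from statistics import median
from typing import Callable, List, Optional, Tuple

Params = Tuple[float, float]            # (weight, bias) of y = w * x + b
Update = Tuple[Params, int]             # what leaves the vehicle: params, sample count


def make_vehicle_data(seed: int, n: int) -> List[Tuple[float, float]]:
    """Constructed local data (not real telemetry): y = 2x + 1 plus noise."""
    rng = random.Random(seed)
    xs = [rng.uniform(0.0, 2.0) for _ in range(n)]
    return [(x, 2.0 * x + 1.0 + rng.gauss(0.0, 0.05)) for x in xs]


def local_train(params: Params, data, epochs: int = 50, lr: float = 0.2) -> Params:
    """Runs on the vehicle: full-batch gradient descent on local data only."""
    w, b = params
    n = len(data)
    for _ in range(epochs):
        gw = gb = 0.0
        for x, y in data:
            err = (w * x + b) - y
            gw += 2.0 * err * x
            gb += 2.0 * err
        w -= lr * gw / n
        b -= lr * gb / n
    return (w, b)


def fed_avg(updates: List[Update]) -> Params:
    """Runs on the aggregator (FedAvg): sample-weighted mean of the
    parameters. It never sees an (x, y) pair, only (w, b, n) per vehicle."""
    total = sum(n for _, n in updates)
    w = sum(p[0] * n for p, n in updates) / total
    b = sum(p[1] * n for p, n in updates) / total
    return (w, b)


def fed_median(updates: List[Update]) -> Params:
    """Coordinate-wise median: ignores a lone outlier while the honest
    vehicles form a majority. Illustrative robust aggregator, not a claim
    about what the project uses."""
    return (median(p[0] for p, _ in updates), median(p[1] for p, _ in updates))


def run_federated(n_vehicles: int = 3, rounds: int = 5,
                  aggregate: Callable[[List[Update]], Params] = fed_avg,
                  poisoner: Optional[Callable[[Params], Params]] = None) -> Params:
    """Rounds of: broadcast global params -> local training -> aggregate.
    If `poisoner` is given, vehicle 0 replaces its honest update with it."""
    datasets = [make_vehicle_data(seed, 20) for seed in range(n_vehicles)]
    global_params: Params = (0.0, 0.0)
    for _ in range(rounds):
        updates: List[Update] = []
        for i, data in enumerate(datasets):
            local = local_train(global_params, data)
            if poisoner is not None and i == 0:
                local = poisoner(local)          # compromised participant
            updates.append((local, len(data)))   # data itself stays local
        global_params = aggregate(updates)
    return global_params


def bogus_update(_: Params) -> Params:
    """Constructed malicious update: a fixed, wildly wrong model."""
    return (50.0, 50.0)


if __name__ == "__main__":
    print("honest, FedAvg   :", run_federated())
    print("poisoned, FedAvg :", run_federated(poisoner=bogus_update))
    print("poisoned, median :", run_federated(aggregate=fed_median, poisoner=bogus_update))
```

The last two lines of the demo are the point of the example: with plain averaging, one participant out of three can drag the shared model far from the truth, while the median still recovers roughly (2, 1). Robust aggregation does not remove the need to authenticate participants and attest the software sending the updates; it only limits what a single bad update can do.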

To learn more about privacy in connected vehicles, read the AIthena project deliverable here: AITHENA-D2.3_Privacy-preserving-methods.pdf.