Ted: as a reminder today we wanted
to delve into use cases to help inform us whether the complexities
warrant the need for a policy language
... Glenn has some use cases from GAVDA that will help, sending to
archive and will go over as prompts
... also Tim and Benjamin met with a researcher at BMW Summer
School who is exploring policy languages in this space
Benjamin: Tim and I spoke with
Armin on GDPR related use-cases and how to handle data with
that in mind, it was a good vision
... I am not an expert but agree additional viewpoints for this
topic makes sense
Ted: thank you for the
attachment, not sure I can share that yet. He indicated he was
busy and will seek permission and ask for public
materials
... single slide, was there more?
Benjamin: more a verbal discussion
https://www.w3.org/community/autowebplatform/wiki/Consent_Cases
Ted starts citing document, owner rights as first case
Glenn: it gets complicated quickly, varies by country for instance. It is not a complete guide
Ulrich: it makes sense to
identify the roles but agree the rights and obligations are
subject to national legislation
... in Germany you would not be able to see my driving speed
without my consent even if you own the car
Glenn: it makes sense to keep the
column on the far left and modify the rest with concerns
... for instance it is questionable what data can be anonymized
Ted: what about non-personal data eg engine temp and diagnostic codes that have nothing to do with driver behavior?
Ulrich: any data generated would
be considered private under German law
... if you inform me in advance it would be considered
consent
Benjamin: in GDPR any user is entitled to understand what is being collected, presented with consent in a clear form and to later revoke that permission
Harjot: any copies including derivative would need to be made available for deletion on any request
Benjamin: it would be dangerous to not follow those rules
Ted: as an aside we in the US have
noticed how many sites comply with GDPR now as a baseline given
they cannot determine whether you are an EU citizen regardless of
where you are geographically (by IP address)
... in sharing data with third parties, it seems you also need to
convey terms and also store sources of data to handle revocation
Ulrich: you need to be able to track that back and would want to delete only pertinent data and not for what other consent is still valid
Ted: anyone aware of scenarios where OEMs can collect data (safety) without explicit consent?
Ulrich: there are multiple ways
(six in GDPR) to get consent, explicit on a case by case, by
contract eg insurance
... others are more complicated and less obvious such as
implicit consent, to perform a service information is required
so derived
... consent management system would need to handle that and
revocation still applies
... for some data items it is clear and obvious it is personal,
others depend on circumstances and whether it can be tracked
back to an individual user
... if it cannot it isn't considered personal
... unsure how this will be interpreted in practice
... VIN could be withheld as it is considered identifiable and
withheld while sharing other data
... we will err on caution, withholding anything potentially
identifiable
... vehicle position data for example can be used to identify
someone based on patterns
... these items are complicated and need to build up a
knowledge base including consequences
Ted: it can be a collection of datapoints that reaches the deduction threshold
Ulrich: from a legal, commercial
aspect it is advisable to treat data that could later be
considered personal as such preemptively
... one of the best practices we see is to treat any vehicle
data as potentially personal
Ted: fleet use case where they have a contract with their data provider and subsequent employment agreements with their drivers. That may complicate revocation
Ulrich: there are reasonable
limits to revocation, they can be constrained by other legal
rights
... it cannot be used to counter other agreements
... you need to be able to prove you received consent
... you need to register consent but also manage lifecycle and
traceability
Ted: if for instance I have an arrangement with insurance company for my vehicle's data and lend it to you but forget to inform you, that would be my fault
Ulrich: right you would have been negligent in informing me of your arrangement with insurance company and before I damage your driving record
Ted: I can see this playing out on
the head unit UI, would need to store on vehicle (or cloud) existing
consent in a policy language as the car starts and provide
opportunity to contest
... it can have different parties and
options, including not being able to opt out of insurance
company's access bound to the vehicle. use of vehicle after being
informed could be consent
Ulrich: that could be useful,
make operator aware and prompt them for consent but some might
not be revocable (eg insurance)
... that is part of the next steps we are taking with an OEM,
these questions are coming up
... how can I see all the consent given to date?
... that would also be the place where it can be revoked
Ted: ideas on next steps:
[adjourned]