Skip to main content

ESC is an alliance of European organisations that strives to reduce the
impact of modern communications and electricity use on health and the environment. We are not against technology, but we are pro safe technology and safe connections.

    Have your say – Access to vehicle data

    You can also get involved in forming EU laws. The European Commission would like to hear your views on laws and policies currently in development. They offer a platform “Have your say” with the list of all new EU initiatives open for public consultation. You need to register to write your feedback.

    There are always 5 stages of each EU initiative, each stage is open for public consultation for a specific time frame:

    • In preparation
    • Call for evidence
    • Public consultation
    • Draft act
    • Commission adoption

    Access to vehicle data, functions and resources

    About this initiative: Modern vehicles have features that allow a wide range of data that they generate when driving to be collected. This initiative sets the conditions for accessing and using such in-vehicle generated data.

    Feedback period: for stage 3 it is 29 March 2022 – 02 August 2022


    Feedback from Europeans for Safe Connections

    We, The Europeans for Safe Connections, welcome this initiative because many drivers are not informed that their connected cars store or record so much data quietly, often inadvertently including very sensitive personal information.

    A lot of personal data is copied to the car’s infotainment console as soon as any smartphone is interconnected to the car. If a vehicle has built-in Internet connections, it can become car-based surveillance due to telematic data from hundreds of sensors or in-car cameras. Cars collect more data than our smartphones but consumers do deserve to have privacy in their vehicles.

    Car manufacturers are preying on consumer ignorance. They collect customers’ personal data, but they usually don’t inform them which sensitive data they are gathering. The data is sent to the automakers’ cloud and can be shared with other companies. A total consumer profile is created and passengers could see targeted advertising for „driver’s or passenger´s seat.

    While companies track customers in their cars, they often claim to collect ‘anonymised data’, but when all the telematics data such as car performance, driver behaviour, location data is combined with other data points, then customers can be personalised and profiled.

    Automakers and insurance companies are claiming that they need such data for their products to work (such as emergency services). But they are weaponizing safety and using the same tracking consent form for a host of reasons. Consumers do not have to choose between their safety and having their data used for third party tracking purposes. Cars don’t need to share our private data to allow us to drive.

    When it comes to consumer privacy and security, Tesla’s e-cars have some gaps in data protection. In June 2022 the Berlin police reacted to this and prohibited Teslas from driving on police property. The reason for this is the fear of being spied on by the e-cars. As the Berliner Zeitung reports, these worries are based on the built-in cameras in each vehicle. According to an internal letter from the police, the Stromers permanently film their surroundings and forward this data to the company’s servers. What happens to the data afterwards remains unclear. A German ZDF television report has prompted the Berlin authorities to ban Teslas from police areas. The ZDF report shows that the vehicles record more videos than the car manufacturer claims.

    Some experts say, that technology does not make driving safer. According to the National Safety Council, the number of deaths per 100,000 miles driven in the U.S. has increased by nearly 25% in 2020, marking the highest annual increase the organization has documented in nearly 100 years. The number of traffic fatalities increased in 2021, which prompted the federal government to take executive action. And the death toll could rise even higher if companies increasingly turn our vehicles into vessels of consumerism while simultaneously making them vulnerable to hackers.

    In the recent years, the international press has reported a number of disturbing incidents where cloud storage and services of multinational telecommunications giants have been attacked and sensitive data of tens or hundreds of millions of users have been compromised. Even in the case of connected cars, there have been announced many security incidents and it has become apparent that many car developers have not taken a responsible approach to fixing security issues and protecting sensitive customer data. This data could be resold to third parties or appear on the dark web and end up in untrustful hands.

    Unless the leakage or disclosure of sensitive customer data can be reliably prevented, the collection of customer information (whether authorised or unauthorised) poses a significant threat to privacy. The large number of unresolved security risks and incidents associated with remote hijacking of critical vehicle functions by an attacker and endangering the lives of drivers or passengers also undermines our confidence in the connected vehicle market.

    For example:

    Blanket regulations without choice create discrimination and restrictions on freedom. Certain public do not want to purchase connected vehicles for privacy or health reasons.

    Transparency, protection from discrimination and right to information should not be just empty words. If there is really aim to address discrimination at its source, we need to ensure that connected vehicles are not an obligation but a free choice for customers who will be fully informed before buying a connected vehicles that collect specific sensitive information and also emit electromagnetic fields/wireless radiation through specific assistance systems or specific wireless communication antennas placed in the vehicle.

    In Proposal 8 we ask for wireless free and radiation free options for the transportation. The customer must not be discriminated against and must have the right to choose the option of a non-connected vehicle that does not include wireless connectivity.

    People don’t want spies in their cars!

    In the area of mobility, the Data Act falls short, especially when it comes to the exchange of vehicle data. So far, it has not been regulated how authorities or testing organisations can gain access to vehicle data in order to be able to perform their sovereign tasks for road safety as well as environmental and climate protection.

    Much of the data collected by the car provide information about the technical condition of the vehicle as well as the mobility habits of the user. Personal data is a subject to special protection. In order to give drivers control over their data, a legal framework for access to the data generated in the car should be created at EU level as soon as possible.

    There is a need for political action with regard to customers, who wish to use connected cars:

    • Data transparency: consumers need to know what data their car generates, stores and sends.
    • Data sovereignty: Drivers must be able to simply switch off data processing and sharing.
    • Data security: To protect consumers, IT security must be guaranteed throughout the life of the connected car.
    • Freedom of choice: Drivers should decide who gets access to their vehicle data.

    In Proposal 19 we ask for an an impact assessment of the effects of wireless technologies on personal data protection and evaluate compliance against current data protection laws.

    In Proposal 20 we want to protect citizens against the increasing vulnerability to cybercrime by applying the principle of data minimization to collection via wireless.

    Best regards
    Kamil Bartošák
    on behalf of the Europeans for Safe Connections

    Facebook post available for sharing:

    The Europeans for Safe Connections (“we”) treats your personal data confidentially in compliance with the legal requirements of the Regulation (EU) 2016/679 (the GDPR). You do not provide us with any personal data in the ordinary browsing of the ("website"). We only collect information that is insufficient to identify a person, but allows us to track simple statistics. View more
    Cookies settings
    Privacy & Cookie policy
    Privacy & Cookies policy
    Cookie name Active
    The Europeans for Safe Connections (“we”) treats your personal data confidentially in compliance with the legal requirements of the Regulation (EU) 2016/679 (the General Data Protection Regulation).


    We are responsible for operating (the “site”). During ordinary viewing, you can use these without providing us with personal information. We only collect information that is insufficient to identify a person but allows us to have an overview of simple statistics:
    • your browser programme’s name and its version,
    • your device’s operating system,
    • the (anonymised) IP-address of your device,
    • the exact time of your request,
    • the URL-address of the requested file or page,
    • the address of the website which pointed to our site (the Referrer URL),
    • the result of your request (the HTTP Status Code).
    The site does not collect any information from social networks. If you click one of social media links you are redirected to those websites and there they collect themselves. If you will contact us via the contact form or subscribe to our newsletters, your name and email address will be recorded. In case of need to cancel the subscription to our newsletters, you can do so via the Unsubscribe link located in the footer of each newsletter, this will remove your name and email address from the system.
    Save settings
    Cookies settings