Continental aims for Vision Zero for data protection
Automotive systems company says organisations should aim for data privacy by default
Automotive manufacturing company Continental is aiming for a ‘Vision Zero' approach to data breaches.
The company is calling for data protection to be given the same priority as road safety by practitioners, and to follow the aims of the Vision Zero road safety project which aims to eliminate all serious road traffic accidents.
Dr. Elmar Degenhart, CEO of Continental said that goal must be to protect data and for companies involved in data handling or creation of systems to shoulder responsible for data protection and make protection a core component of software.
"For us, the security of technologies and the trust users place in them have a high priority. We are working on eradicating road-traffic accidents and are therefore calling for such a "Vision Zero" for data traffic as well," said Degenhart. "We think it is unacceptable to transfer to users the responsibility of complying with data protection laws. This is why we are turning to secure alternatives.
"Data is an obligation. Technology providers, in particular, must make it as easy as possible to ensure compliance with data protection laws. Technology leaders, in particular, have a major responsibility in this regard. This is why data protection is definitely not just an optional extra for us, our products, our services and our processes. This fundamental attitude will strengthen global trust in new, data-based mobility services in the long term."
Continental is extending this approach to both its operations and the solutions it creates, which include prohibiting its employees from using social-media apps like WhatsApp and Snapchat in its global company network, effective immediately.
The company believes this services contradict data privacy and protection by default, by including third parties in contact lists and other functions. In the case of these apps, access to the contact list cannot be restricted. The responsibility for complying with data-protection laws is therefore shifted onto the users of these apps. In Continental's opinion, these apps often shift the responsibility onto the user. To meet the requirements of the GDPR, each user would, in the case of WhatsApp, need to get the permission of each person in their contact list in order to share their data with these services.
"Functional restrictions and hurdles that make it difficult to comply with data protection laws erode people's trust in technologies," said Degenhart, who calls for "priority for trust and security" in general when it comes to the development of technologies."
Continental said that this same approach should apply to automotive systems and sensors for for connected, automated and autonomous driving. Personal data is not a fundamental requirement for these system Degenhart added, and anonymous data should be used wherever possible.
The "privacy by default" principle ensures that the strictest privacy settings are applied automatically without the user having to do anything. The advanced driver assistance system from Continental, for example, is therefore not interested in the license plate of the car in front, he said.