PECS
People’s privacy control over the personal data that they generate and consume while they drive modern cars is extremely weak at present. There is historical as well as recent evidence that car brands harvest a variety of personal data from drivers and, arguably, full compliance of their processing with the European General Data Protection Regulation is questionable.
PECS revolutionises modern car ecosystems for what concerns the processing of personal data. It does so by advancing, tailoring to the specific domain and, ultimately, combining together both soft and hard privacy measures. The project raises drivers’ soft privacy through the PECS interface for static and dynamic control of personal data, so that drivers can decide what to share and with whom and when, as well as follow and control the flows of data at service run time by means of multy-sensory media techniques. Hard privacy thrives in the project through a combination of obfuscation techniques including Federated Analytics, Secure Multi Party Computation and Pseudonymisation, so that drivers are enabled to keep their personal data opaque to anyone from the outset. All developments proceed from the established academic laboratories of UNICT-UNIMORE, then are demonstrated in the operational environment of MASA-UNIMORE, reaching TRL7.
The PECS results stem from the open-source, open-Internet approaches, hence bear huge technical, societal and industrial impacts, bringing Europe at the forefront of data protection, at least in the automotive domain. PECS also brings forward a whole new range of business opportunities such as various forms of software support for its technologies, and of renewed car services leveraging privacy-by-design-by-default.
Finally, PECS provides the necessary grounds favouring the inception of a new breed of services that would be naturally enrooted on drivers’ sensitive data such as sexual, religious and political orientations, e.g. apps for dating, praying and debate on political topics.
- Motivation for the project: PECS offers enhanced consent and privacy management, aligning with TrustChain's goals and addressing data harvesting concerns. PECS drives technical, societal, and industrial advancements, also fostering new business opportunities in privacy-centric automotive services.
- Generic use case description: Amy is listening to music in her car using an app and shares her GPS coordinates with it. The app then shares her location with a lyrics provider. PECS sends an alert to Amy via an audio notification to communicate the policy violation.
- Essential functionalities: PECS offers dynamic control for users to selectively share personal data, integrating multy-sensory media techniques for real-time monitoring. It incorporates hard privacy measures such as Pseudonymisation to keep personal data secure.
- How these functionalities can be integrated within the software ecosystem: PECS’ functionalities smoothly integrate into modern car software ecosystems by leveraging platforms like Android Automotive and Automotive Grade Linux (AGL). In this way, PECS becomes an integral part of the connected car system.
- Gap being addressed: PECS addresses GDPR compliance gaps in the automotive industry. In fact, despite stringent regulations, recent studies highlighted deficiencies in consent management, transparency, and cybersecurity among prominent car brands.
- Expected benefits achieved with the novel technology building blocks: PECS benefits include dynamic privacy control, GDPR compliance, innovative interfaces (PECSi), robust hard-privacy measures (PECSo), open-source contributions, new business opportunities, and user empowerment, reshaping data privacy practices in the automotive industry.
- Potential demonstration scenario: The demonstration scenario involves showcasing PECSi and PECSo prototypes at TRL7 within MASA's 'Open Air' test bed. This aims to highlight how these solutions enhance data control, privacy, and user experience in connected vehicles.
Team
Giampaolo Bella
Associate Professor at Università degli Studi di Catania
Mirco Marchetti
Associate Professor at Università degli Studi di Modena e Reggio Emilia
Salvatore Riccobene
Associate Professor at Università degli Studi di Catania
Luca Ferretti
Associate Professor at Università degli Studi di Modena e Reggio Emilia
Sergio Esposito
Doctor of Philosophy at Royal Holloway University of London
Daniele Francesco Santamaria
Researcher at Università degli Studi di Catania
Giovanni Zoccoli
Researcher at Università degli Studi di Modena e Reggio Emilia
Cristian Daniele
PhD Student at Radboud Universiteit
Marcello Maugeri
PhD Student at Università degli Studi di Catania
Mario Raciti
2nd year PhD Student at Scuola IMT Alti Studi Lucca
Gianpietro Castiglione
2nd year PhD Student at Università degli Studi di Catania
Filip Valgimigli
Research Assistant at Università degli Studi di Modena e Reggio Emilia
Entities
Università degli Studi di Catania
With an average enrolment of 38,000 students, the University of Catania has been around for hundreds of years since 1434 and is the oldest one in Sicily.
Website: https://www.unict.it/
Università degli Studi di Modena e Reggio Emilia
The University of Modena and Reggio Emilia, located in Emilia-Romagna, is one of the oldest universities in Italy, founded in 1175, with an average enrolment of 20,000 students.
Website: https://www.unimore.it/