The EU General Data Protection Regulation is engaged or rather obstructs, the business processes since May 2018. However, there are certain important aspects that speak in favour of such a regulation. But who would have thought that this topic even accompanies us with the digital tachograph? What impact does data protection have on daily operations?
Which driver or entrepreneur has previously thought about the privacy of the operation of the digital tachograph? Probably nobody. The topic has actually been present for many years. Because since about 2010, the so-called remote download from the digital tachograph is possible. At least since that time, more and more telematics systems were installed in the vehicles or connected to the Tachograph to download the driver card and the mass storage device by remote reading. The remote download for archiving the data was not the only motivation for connecting the telematics systems to the digital tachograph. Rather, the companies wanted to have access to drivers’ driving and rest times in real time to optimize their scheduling. This happened only via the interface D8 In addition to the Km, the speed, the number of the driver card and the currently set activity could be read. The duration of the activities, e.g. the driving time, was then calculated by the telematics software and provided to the dispatcher as information. Later, then, e.g. With the introduction of the counter at VDO, the exact driving and rest times calculated and recorded by the Digitacho itself are also transmitted. In addition, it was also possible to read out how often a possible increase in driving time to up to 10 hours or a reduction in rest time was taken. Even when the next daily or weekly rest period was due, the entrepreneur has since seen live.
All this is not new and will not be possible until the introduction of the Smart Tachograph in June 2019. So far no one has thought about the transmission and processing of this data. Only with the entry into force of the new Tachograph Regulation (EU) 165/2014 has the protection of personal data already been taken up in the recitals.
“The recording of data by the tachograph as well as the development of technologies for the recording of location data, the remote communication and the interface to IVS lead to the processing of personal data. Therefore, the relevant Union legislation should apply [.]”
The Data Protection Regulation (EU) 679/2016 and Directive 2002/58 / EC (Electronic Privacy Directive). The consequence of this is that starting with the Smart Tacho, the driver now has to agree to the use of the data defined as personal before they leave the vehicle network and may thus be available to other, external applications.
This basically happens at VDO and Stoneridge in a similar way. The first time a driver card is inserted into the smart speedometer, the driver is asked whether he agrees to the issue of the personal data described above or not. If the driver refuses to give his consent, this data may not be accessible for external applications in accordance with Appendix 13 to the Technical Annex 1C of the Tachograph Regulation.
No matter how you protect privacy, the new regulation, like the GDPR itself, will bring fundamental changes to the business process. The driver’s lack of agreement will still cause some headaches for providers of telematics systems. Because without this consent i.e. No more driving and rest periods are taken from the Digital Tachograph. Thus, the technical progress almost completely loses its true meaning, namely to incorporate the data in real time in the disposition. However, it is still possible to download the data remotely, as this is not dependent on the driver’s consent in enterprise mode. Whether a shorter clocked download to circumvent the restriction in the disposition is right, however, must be evaluated separately.