Robert Botkin was quoted in Cybersecurity Law Report on the compliance challenges faced by original equipment manufacturers (OEMs) in the automotive industry related to connected vehicles and the generation of sensitive personal information. 

This information is collected, used, and occasionally shared by OEMs, the article explains, which can trigger complex and sometimes conflicting notice, consent, retention, and data-sharing obligations under various privacy laws.

OEMs should match their practices with their stated purposes for collecting and using data, Robert told the publication. OEMs can risk enforcement action from what their privacy notices state without clearly informing the consumer.

Companies should ensure that their "business lines and privacy program have a great relationship," Robert said. He also advised that companies should avoid jargon. "Notice and consent are inextricably interwoven," he said. "If the notice is relayed in jargon that is not understandable a consumer cannot truly give consent."

The article also explained how OEMs should not seek multiple consents in one transaction. This can be an "all or nothing" choice to consumers, Robert told the publication. "Regulators are really forcing granular choice," he said.

Subscribers can click here to read the full article: Connected Cars: Privacy Compliance Guidance

The Cybersecurity Law Report provides business analysis of critical legal issues related to the cybersecurity, data protection, and data privacy challenges facing entities across industries.