ABSTRACT
The use of mobile apps (iOS/Android) has become commonplace in standard and high-end vehicle series across various brands. This connectivity is now essential for delivering a new suite of connected services to vehicle owners such as remote control and monitoring. However, as with any advanced technology, the use of mobile apps in vehicles can also bring significant concerns regarding the security, confidentiality, and privacy of the shared data. This data often includes sensitive personal information belonging to the vehicle owner, raising critical questions about how this information is managed and protected. It is also relevant on this point the regulation that ensures the personal data protection. In this study, we investigate the security and privacy aspects of this technology across different connected car’s brands on a global and European scale. We conduct a comprehensive audit of various automotive brands’ apps, evaluating them against several parameters using as a base the United Nations Economic Commission for Europe (UNECE) Regulation No 155 (R155) and the EU General Data Protection Regulation (GDPR). Furthermore, we assess the information and explanations provided in the privacy policies accompanying these apps to evaluate their transparency and thoroughness. Our results reveal several shortcomings among the different brands. Some brands exhibit significant deficiencies in ensuring the security, confidentiality and privacy of the data shared through their mobile apps. This indicates a need for improved standards and practices to ensure that all automotive brands provide robust protection for their customers’ personal data.
Fernandez, Miguel Angel and Gómez-Canaval, Sandra and Blasco Alís, Jorge, How much does your car know about you? A Study on the Security and Data Privacy of Connected Car Apps. Posted to SSRN 26 December 2025.
Leave a Reply