Answer: D - Under this scenario, the vehicle manufacturers offering the “Connected vehicle experience” would face many risks of privacy and data protection law violations. It would be necessary for the vehicle manufacturer to obtain the driver’s consent to collect, use, process, and share personal information and location. The manufacturer would need to communicate through a comprehensive privacy notice, complying with federal, state, and local laws. Data security would also need to be addressed.
The manufacturer would not be required to establish a Safe Harbor agreement with foreign retail partners as these agreements have been invalidated. However, other means would be necessary to address the cross-border sharing of driver data.
