AMV Networks GmbH proved that its IT-based service AMV System complies with EU data protection law. Customers of AMV Networks such as insurance companies or providers of traffic information services may use the service in order to receive relevant real time information about a vehicle (e.g., its location, speed or fuel consumption) – provided that the vehicle owner consented to this beforehand. They can be sure that processing of real time vehicle data is in line with the demanding provisions of EU data protection law. Vehicle owners may terminate disclosure of data to customers of AMV Networks at any time via a dedicated web portal.
Function as provided in February 2017
Qualification: IT-based service
View the AMV System Certificate
Version of Certification Criteria
*** SEAL EXPIRED ***
04/04/2017 – 30/04/2019
Initial certification on 30/06/2014
12/2017 !!!OVERDUE!!! [Action by CA in process]
Recertification 2017: AMV-System Short Public Report
Initial certification 2014: AMV-System Short Public Report
AMV Networks GmbH
The AMV System facilitates the principles of transparency and intervenability: Transparency vis-à-vis the vehicle owners is ensured by means of a dedicated web portal providing access to relevant information (cf. below). Drivers of vehicles who are not owners of those vehicles as well as passengers are informed about the AMV System by means of an information card to be placed in the vehicle. Vehicle owners may stop disclosure of real time information to third parties at any time by means of the above-mentioned web portal.
Vehicle owners who allow other persons to drive their car must inform them about the fact that real time information about the vehicle (including location data) is collected, transmitted and disclosed to third parties. They are contractually obliged to do so and supported by AMV Networks by means of an information card that is to be placed at a visible spot inside of the vehicle.
It is worth noting that no information about location data is dislosed to vehicle owners by means of the web portal mentioned above. This means that vehicle owners may not track routes of other drivers by means of this portal (e.g., an employer does not have the possibility to track employees driving company cars by means of the AMV System).
The AMV System consists of two components: A piece of hardware called “ASG device” that is to be installed in cars and other vehicles and the software „TrafficSoft“ that is run on servers that are located in an Austrian data centre. The ASG device transmits real time information about a vehicle such as its location, speed and fuel consumption to the TrafficSoft database. Data may then be accessed by third parties by means of a dedicated web portal – provided that the vehicle owner consented to the disclosure previously.
In 2015, AMV Networks GmbH became a subsidiary company of STARLIM Spritzschutz GmbH. In 2016, AMV moved its premises from Ranshofen to the headquarters of STARLIM which are located in Marchtrenk. In this context, AMV rented ressources on virtualisation servers from its parent company to run virtual servers that are used for the further development of the “TrafficSoft” software. These virtualisation servers are operated in a dedicated server room that is located within the headquarters of STARLIM. An agreement between AMV and STARLIM which governs this server hosting is in place and the appropriateness of the respective technical and organisational measures was evaluated by the EuroPriSe Experts in the course of the current recertification project. The experts found that the TOMs do indeed ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected as required by Article 17 of Directive 95/46/EC.
The recent re-evaluation was conducted by the experts from 11/2016 until 02/2017. It showed that AMV System continues to meet all applicable EuroPriSe requirements. Further information can be found in the 2017 version of the Short Public Report.
Initial Cert 201406
Two scenarios need to be distinguished:
(1) Data may be disclosed to commercial business partners such as insurance companies offering specific tariffs based on driving behaviour pseudonymously: Each ASG device is allocated a unique identifier called ASG ID. When consenting to the disclosure of data to business partners, vehicle owners reveal their ASG ID. This means that business partners may easily link pseudonymous real time data to the respective vehicle owner.
(2) Data may also be disclosed to third parties without ASG ID and any other unique identifier altogether. E.g., a traffic information service may be interested in analysing aggregated information allowing them to identify traffic congestions etc., but not in tracking a single vehicle and its owner.
It must be stressed that in both cases, information is only disclosed to third parties if the vehicle owner consented to this disclosure beforehand. Furthermore, there are measures in place to ensure that only those pieces of information are disclosed that are relevant for the particular service at hand (e.g., if an insurance company offers a special tariff based on mileage per year, there is no need to disclose information on location, speed, etc.). Likewise, it is ensured that data are only disclosed to third parties at reasonable time intervals. Again, respective decisions are made on a case by case basis.
Relevant data may be accessed by third parties by means of a dedicated web portal. Certified garages that install the ASG device in vehicles may access a similar web portal in order to verify the functioning of the devices. Finally, another web portal allows vehicle owners to monitor which third parties are entitled to access real time information about their vehicles and what pieces of information exactly are disclosed at what intervals to each of these third parties. What is more, the web portal also provides vehicle owners with an easy means to stop disclosure of real time information to third parties at any time.
The AMV System lives up to the principle of informational separation of powers: Certified garages who are in direct contact with vehicle owners do know their contact data, but not the unique identifiers (ASG IDs) that have been assigned to them whereas AMV Networks processes the ASG ID, but does not have any information about the vehicle owners’ identities.
The ToE includes
- AMV® On-Board-Unit ASG®
- AMV® Data Center TrafficSoft®
(including the web portals for business partners, garages and vehicle owners)
- Relevant contracts with third parties
c/o Secur-Data Betriebsberatungs-GmbH
Prof. Hans-Jürgen Pollirer
c/o Secur-Data Betriebsberatungs-GmbH
Formerly Certified Versions