Abstract
Android Automotive OS (AAOS) has been gaining popularity in recent years, with several OEMs across the world already deploying it or planning to in the near future. Besides the benefit of a well-known, customizable and secure operating system for OEMs, AAOS allows third-party app developers to offer their apps on vehicles of several manufacturers at the same time. Currently, there are 55 apps for AAOS that can be categorized as media, navigation or point-of-interest apps. Specifically the latter two categories allow the third-parties to collect certain sensor data directly from the vehicle. Furthermore, the latest version of AAOS also allows the OEM to configure and collect In-Vehicle Infotainment (IVI) and vehicle data (called OEM telemetry). However, increasing connectivity and integration with the in-vehicle network comes at the expense of user privacy. Previous works have shown that vehicular sensor data often contains personally identifiable information (PII). New privacy regulations around the world mandate that the collection and processing of this data has to be clearly communicated with the user of the vehicle who reserves the right to approve or deny. In this paper, the existing AAOS apps are manually analyzed for the user data they collect and share. Of particular interest is the consistency of the declared app permissions with developers’ privacy policies since discrepancies can suggest compliance issues. Our study results show that over 78% of analyzed apps do not mention all dangerous permissions in their privacy policies.
