Abstract
Vehicular data-collection platforms as part of Original Equipment Manufacturers’ (OEMs’) connected telematics services are on the rise in order to provide diverse connected services to the users. They also allow the collected data to be shared with third-parties upon users’ permission. Under the current suggested permission model, we find these platforms leaking users’ location information without explicitly obtaining users’ permission. We analyze the accuracy of inferring a vehicle’s location from seemingly benign steering wheel angle (SWA) traces, and show its impact on the driver’s location privacy. By collecting and processing real-life SWA traces, we can infer the users’ exact traveled routes with up to 71% accuracy, which is much higher than the state-of-the-art.
