Connectivity and digitalization have a crucial role in future mobility. Large quantities of data are the basis for many new business models, including automated and autonomous driving, driving assistance systems, vehicle safety and new services. We are committed to using data responsibly. At the same time, we focus on the needs of our customers. Our group-wide Data Compliance Management System helps us plan, implement and monitor measures to comply with data protection regulations in this process.
Our Data Vision
Data makes it possible for innovative services to offer greater security and comfort, i.e. added value. It is important to us that our customers and business partners can trust that their data is handled responsibly and securely. We have defined the Daimler data vision as our standard for data to be handled sustainably, responsibly and ethically.
It is fleshed out by various guiding principles concerning data. The guiding principles of transparency, choice and data security are crucial to us in this process.
Data protection is of great importance to us, and we act responsibly in the collection, storage and use of data. Adequate transparency regarding the handling of data is indispensable. Our customers ought to know what data is collected, when and for what purpose. As such, we provide them with extensive information in sales literature, on the vehicle homepage, in apps, in the operating instructions and – whenever reasonably possible – directly in the vehicle as well.
By the same token, it is important to us that our customers be able to decide themselves what services they actually use and what data they want to share – either through consent, by contract or at the push of a button. This choice allows them to selectively enable services in the Mercedes me app and to disable them again at any time, for instance.
The high security standards of our customers similarly apply to data security in our vehicles. As a result, we continuously enhance data security with a view to advances in IT in order to protect data from manipulation and misuse.
Handling data responsibly is part of our corporate digital responsibility. We are focusing on transparency, self-determination, and data security. When our engineers develop new services and products, they sit down at a table with their colleagues from the corporate data protection and legal departments so that they can find solutions together. Data protection is a key factor in connected driving in particular, and also in customers’ acceptance of this technology.
Privacy-friendly product development
Ensuring effective data protection in vehicles is an integral component of our product development. Today, drivers of many model series can already make use of services such as live traffic information and the Active Stop-and-Go Assist system. Such applications are based on data processing. One main focus of our data protection activities is thus on a privacy-friendly design for connected vehicles, automated driving functions, and new services and applications. Privacy by Design is the basis for this. This means that our data protection officers already work with engineers and IT developers during the product creation phase and aim for responsible handling of data.
Responsible use of Artificial Intelligence
The use of Artificial Intelligence (AI) also requires clear guidelines. There is a wide variety of application fields for AI within the automotive industry. Interlinked navigation systems, smart voice assistants and autonomous vehicles are just a few examples of the diverse applications for AI. We also want to seize the opportunities that AI entails for our customers. For us, acceptance and trust are fundamental to using AI for data processing. Our guiding principles for data have thus been supplemented by our Principles for Artificial Intelligence. They are the basis for responsible and sustainable handling of AI technology in the company. Together with the guiding principles for data, they serve as an important foundation for our digital responsibility.
The Data Compliance Management System
In order to accommodate the regulatory requirements concerning data, we are one of the first automobile manufacturer to combine the existing measures, processes and systems for data security compliance into a Data Compliance Management System (Data CMS). It is based on the Daimler Compliance Management System already in place. It helps us to systematically plan the measures for complying with data protection regulations based on risk, to implement them throughout the Group and to continuously monitor them. With the Data CMS, Daimler exceeds the statutory requirements in order to ensure sustainable handling of data in the company.
Anchoring data protection and data compliance in our organization
The Data CMS is managed by the Data Compliance unit, which defines the methods, processes and systems for the Data CMS to be adequate. The unit also supports all the central and local Group units in minimizing data-related risks, assesses them, and uses this to come up with specific compliance solutions along with the respective management. In addition, it conducts numerous communication and training measures and offers certain data protection consulting services.
The Chief Compliance Officer is responsible for the global compliance organization. He reports on current data compliance developments to the Member of the Board of Management responsible for Integrity and Legal Affairs as well as to the entire Board of Management.
The Chief Officer Corporate Data Protection performs the tasks required by law for complying with data protection regulations. Along with his team, he monitors compliance with data protection laws and the Daimler Data Protection Policy. The Chief Officer Corporate Data Protection is also responsible for processing data protection complaints and for communicating with the supervisory authority. He also initiates communication and training measures and advises the corresponding people in charge and specialist units on implementing data protection impact assessments in particular. The Chief Officer Corporate Data Protection acts independently and reports directly to the Member of the Board of Management for Integrity and Legal Affairs.
Our approach to the effective management of data protection also relies on local contact persons at our numerous sites and facilities around the world. They assist the respective local management in implementing the data compliance measures.