...

As of today, there is no unified way of handling consent, and data access across all parties. Everything is handled individually by the parties involved. There are commercial solutions avalable like caruso, but they are working to their closed conditions. Also it seems that data access to the car data is done via the VIN. In the data exchange platform we aim for huge datasets, with unified and open data access. Also the exchange platform shall employ measures to manage consent in huge datasets. This means, if datasets consists data that are missing a valid consent then a publication of this datasets is not possible. 

Last but not least, caruso is a business and hence is looking for profitability. COVESA can work on a standardized way for exchanging data on that platform. The operation is intentionally left out since this is handled by the members of the eco-system. The communication between single instances and data exchange is based on the standards and therefore the exchange is possible. 

Desired state

1. Drivers and owners produce data based on consent
2. Data is stored by the entity who created/deployed the device to the car if consented by the owner
3. This entity defines terms and conditions to access the stored data
4. Interfaces allow the access to data protected by state of the art security measures and access control
5. We create a goto-place where all participants can go and explore
6. Everyone can onboard and register for accessing the data according to the predefined terms and conditions
7. Curated/processed datasets, models, and other things can be made available again

...