Blockchain technologies and distributed ledgers enable the design and implementation of trustable data logging systems that can be used by multiple parties to produce a non-repudiable database. The case of Internet of Vehicles may greatly benefit of such a possibility to track the chain of responsibility in case of accidents or damages due to bad or omitted maintenance, improving the safety of circulation and helping granting a correct handling of related legal issues. However, there are privacy issues that have to be considered, as tracked information potentially include data about private persons (position, personal habits), commercially relevant information (state of the fleet of a company, freight movement and related planning, logistic strategies), or even more critical knowledge (e.g., considering vehicles belonging to police, public authorities, governments or officers in sensible positions). In the European Union, all this information is covered by the General Data Protection Regulation (GDPR). In this paper we propose a reference model for a system that manages relevant information to show how blockchain can support GDPR compliant solutions for Internet of Vehicles, taking as a reference an integrated scenario based on Italy, and analyze a subset of its use cases to show its viability with reference to privacy issues.
