A systematic review of data privacy in Mobility as a Service (MaaS)

Abstract

Mobility as a Service (MaaS) integrates various transportation modes to offer seamless urban mobility solutions. However, the extensive collection and sharing of user data on MaaS platforms pose significant privacy challenges. This systematic review identifies key data privacy concerns, evaluates current privacy-preserving technologies, and explores the role of regulatory frameworks in ensuring user privacy in MaaS systems. Using the PRISMA framework, a comprehensive literature search across Web of Science, Elsevier, and IEEE Xplore databases resulted in the selection of 32 studies for detailed analysis.

The review is structured around three main themes: (1) Privacy-Preserving Techniques, including anonymization strategies (k-anonymity, differential privacy, obfuscation), encryption methods (blockchain, cryptographic protocols), federated learning for decentralized data processing, and advanced algorithms for optimizing privacy budgets and balancing utility-privacy trade-offs; (2) User Trust and Privacy Perceptions, highlighting that trust in service providers is essential for MaaS adoption, privacy concerns may impact adoption but do not necessarily prevent it (the “privacy paradox”), and awareness of data misuse affects user trust and willingness to adopt MaaS; and (3) Regulatory Frameworks, focusing on the importance of GDPR compliance to ensure strict data protection through consent and transparency, and embedding privacy-by-design principles within MaaS architectures to safeguard user data from the outset.

This review emphasizes the need for a holistic approach, integrating technological innovation, user-centered design, and strong regulatory oversight to effectively address privacy challenges in MaaS. Future research should focus on developing scalable privacy frameworks that protect user data without compromising operational efficiency.