This paper describes techniques that enable vehicles to collect local information (such as road conditions and traffic information) and report it via road-to-vehicle communications. To exclude malicious data, the collected information is signed by each vehicle. In this communication system, the location privacy of vehicles must be maintained. However, simultaneously linkable information (such as travel routes) is also important. That is, no such linkable information can be collected when full anonymity is guaranteed using cryptographic tools such as group signatures. Similarly, continuous linkability (via pseudonyms, for example) may also cause problem from the viewpoint of privacy. In this paper, we propose a road-to-vehicle communication system with relaxed anonymity via group signatures with time-token dependent linking (GS-TDL). Briefly, a vehicle is unlinkable unless it generates multiple signatures in the same time period. We provide our experimental results (using the RELIC library on a cheap and constrained computational power device, Raspberry Pi) and simulate our system by using a traffic simulator (PTV), a radio wave propagation analysis tool (RapLab), and a network simulator (QualNet). Though a similar functionality of time-token-dependent linking was proposed by Wu et al. (“Balanced trustworthiness, safety, and privacy in vehicle-to-vehicle communications,” IEEE Trans. Veh. Technol., vol. 59, 2010), we can show an attack against the scheme where anyone can forge a valid group signature without using a secret key. In contrast, our GS-TDL scheme is provably secure. In addition to the time-dependent linking property, our GS-TDL scheme supports verifier-local revocation, where a signer (vehicle) is not involved in the revocation procedure. It is particularly worth noting that no secret key or certificate of a signer (vehicle) must be updated, whereas the security credential management system must update certificates frequently for vehicle privacy. Moreover,...