The connected car: who is in the driver’s seat? A study on privacy and onboard vehicle telematics technology [
PDF], a study by Philippa Lawson for the British Columbia Freedom of Information and Privacy Association, comments
Our vehicles are changing.
Telematics and wireless connectivity have transformed
what used to be purely mechanical vehicles into
electronically-controlled transportation and mobile
communications devices. Vehicle performance data
is now transmitted over the air to external computers
where it is analyzed and used to monitor vehicle
health and driver behaviour. Navigation systems
allow for monitoring of vehicle location and route
history. Drivers and passengers can now use on-
board infotainment systems for voice and data
communications, on-demand entertainment, web
browsing and a growing range of convenience-
related applications. Increasingly, cars are capable
of recognizing individuals and customizing settings
accordingly. There is no question that Connected Cars
offer a growing range of services to car owners and
drivers.
But what is the cost to our privacy? All of this data
can be linked to the vehicle owner or registered user.
The same technologies that allow for safer, more
convenient and entertaining vehicles are also capable
of amassing vast databases of information about
drivers and analyzing that data in order to generate
“actionable insights.” These insights can be used
not only to improve vehicle systems and features,
but also to track and profile customers for targeted
marketing and other purposes. With connectivity,
cars are becoming highly efficient data harvesting
machines and a major element of the evolving Internet
of Things. Customer data generated by the Connected
Car is now seen as a major new source of revenue for
automakers and their many partners. In fact there is
so much competition for access to this data that some
automakers are now publicly pushing back.
The data generated by telematics and vehicle
infotainment systems is highly revealing of personal
lifestyles, habits and preferences. In addition to
customer account data and vehicle performance
data, it includes driver behaviour data, biometrics and
health data, location data, personal communications
(voice, text, email, social networking), web browsing
data, personal contacts and schedules, use of features
and applications, and choice of music, radio and
other streamed audio or video content. The breadth
and depth of personal data that can be culled from
Connected Cars is enormous and goes significantly
beyond that already available via mobile devices, both
in quality and in quantity.
Telematics is also now being used by automobile
insurers to offer “usage-based insurance” (“UBI”)
programs, under which insurance premiums are
determined based on driving behaviour – where, when
and how one drives. UBI is relatively new in Canada
and subject to regulation at the provincial level.
Current regulations require that it be offered on a
voluntary basis and be used to provide discounts only
(not to impose penalties), but that could change over
time if UBI becomes more prevalent in the insurance
marketplace.
Governments are working with the private sector to
develop Intelligent Transportation Systems that involve
automatic, ongoing communications between vehicles,
as well as between vehicles and infrastructure, in order
to alert drivers to impending dangers and reduce
the number of traffic accidents. Such “Connected
Vehicle” systems are also being promoted to improve
traffic efficiency and lower carbon emissions. But
they also involve the sharing of vast amounts of data
that could, if not properly limited and secured, create
an architecture of surveillance that would be ripe
for exploitation by governments, corporations and
cybercriminals alike if not properly protected.
Especially when tracked, combined or linked with
other available data, the information generated by
telematics devices can reveal intensely private details
of a person’s life and is therefore highly sensitive and
vulnerable to abuse. The monitoring of a person’s
vehicle use, driving routes and destinations alone, for
example, can reveal a great deal about that person –
information that is useful not just for marketers and
insurance companies but also to thieves, stalkers, and
others with malicious intent. The security risks created
by this unnecessary and inappropriate collection and retention of personal data is concerning, while
the potential for hacking of electronic car systems
that could interfere with control of the vehicle raises
additional safety and security concerns.
The privacy risks are amplified in an industry
ecosystem characterized by multiple players (who
often play multiple roles) vying for a piece of the
data pie. In order to offer infotainment services,
for example, automakers must partner with
telecommunications and applications providers. Key
players include telecommunications and information
technology giants such as Verizon, AT&T, Apple and
Google, who already have a strong position in the
market for consumer data and analytics. Similarly,
insurers rely upon third party telematics service
providers to deliver usage-based insurance. Other
aftermarket providers are also taking part in this 21st
Century “data rush”, offering telematics products that
can turn existing unconnected vehicles into Connected
Cars.
Cars are a necessity for many if not most Canadian
households. Doing without a vehicle is simply not
an option for most families. But as vehicles are
increasingly outfitted with telematics systems,
purchasers of new vehicles have little choice in the
extent to which their cars are capable of monitoring
their driving behaviour and location. Laws and policies
have been put in place limiting access to accident data
collected by Event Data Recorders, but the same data
is now being collected and transmitted wirelessly by
vehicle telematics systems.
Of even greater concern is the limited choice
consumers are being offered when it comes to the use
and disclosure of their personal data collected by the
Connected Car. Our review of several Connected Car
privacy policies and terms of service indicates that the
industry is violating Canadian data protection laws. In
addition to lack of consent and forced agreement to
unnecessary and arguably inappropriate uses such as
marketing, Connected Car service providers are failing
to meet the standards of Canadian law in respect of
openness, accountability, individual access and limiting
collection, retention, use and disclosure of customer
data. Even the highly publicized “Consumer Privacy
Protection Principles for Vehicle Technologies and
Services” issued by automakers in November 2014 fail
to meet the standards of Canadian data protection law
in numerous respects.
The time for action is now, while Connected Car
systems are still being designed.
Canadians are demanding that the privacy of their
personal information be respected by Connected Car
service providers and that they be given control over
the data collected about them and their vehicles.
Policy-makers have to provide the guidance that the
automotive industry desperately needs on how general
principles of data protection apply in their sector.
Just as detailed safety standards were established
for the industry and are enforced by regulation, a set
of data protection standards should be developed
collaboratively and enforced via regulation. This will
have the beneficial effect of providing a baseline of
privacy protection and clear guidance to the industry,
while ensuring a level playing field for domestic
manufacturers and importers alike.
The report offers several recommendations:
1.
Establish data protection regulations for the
Connected Car industry.
2.
Develop national data protection standards for
usage-based insurance.
3.
Involve privacy experts in the design stage of
Intelligent Transportation Systems, including
Connected Vehicle research projects.
4.
Adopt “Privacy by Design” Principles and
Related Tools
4a
– Establish a Privacy Management Program
4b
– Identify and Avoid Unintended Uses
4c
– Be Open and Transparent
4d
– Respect for User Privacy: Keep it User-Centric
4e
– Work with device manufacturers, OS/
Platform Developers, Network Providers,
Application Developers, Data Processors to
integrate controls and data minimization
techniques.
