Whither Privacy?

There was a barely-measurable kerfuffle a couple of years back when it was revealed that the OnStar in-vehicle communications system had been collecting information on its users. Ostensibly the reason it was taking the information was to improve service, but it turned out OnStar was providing it to third-party suppliers.
It also turned out they were recording information on owners who'd stopped using the service, and even on cars that had been sold with the systems still not engaged. OnStar claimed it was easier to keep the systems going should a customer want to restart the service.
The information the company was taking was not actually OnStar’s. Since then, the company has issued a privacy statement clarifying how it will use data henceforth. But that’s not how the story ends.
Another event occurred in Germany just the other day, when ADAC announced it had successfully hacked into a BMW's Connected Drive system, burrowing into the place where data gets transmitted to the manufacturer about unscheduled repair and maintenance availabilities. The flawed security affects companies within BMW's network of approved repair providers. It was an interesting little stunt, but it was one that quite a few independent repair places would love being able to duplicate. It did show what people have been suspecting for a long time: that connected cars are easier to hack into than the OEMs have been letting on.
As this article was being written, US Senator Ed Markey warned loudly that the increasing technical complexity of connected cars is putting drivers' security and privacy at risk and that OEMs aren't doing nearly enough to protect the privacy of their customers. “The automakers haven't done their part to protect us from cyber attacks or privacy invasions,” Markey said in a statement. “Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain … unprotected.”
Privacy, particularly in the connected car space, is a funny subject. It's something everyone assumes they have a right to, which of course, in most democracies anyway, they do. And that's where privacy gets funny.
It goes without saying that nothing epitomizes the whole spirit of freedom quite like a nice car with a full tank of gasoline and an open stretch of road. Nothing sours the glory of this ideal like the idea of having your movements monitored and tracked, and then tabulated, correlated, and quantified without you necessarily even knowing it.
But if the car you're driving happens to be a connected one, that is exactly what is happening and it is also where the matter of privacy starts getting complicated. If you have a navigation system, so you can know where you are and which way you're going, that system is also inadvertently tracking you, and one way or another it's also probably transmitting that information out. Nothing particularly diabolical. That's just how the technology works.
Nobody wants to have their driving monitored and tracked, certainly not without their knowledge or permission, and the OEMs don't have any great interest in playing Big Brother, either. OEMs are made up of engineers and bean counters, people whose passion is developing solutions, not peering through keyholes. But, of course, finding solutions these days requires data, lots of it, which, not coincidentally, connected cars generate almost from the moment they first connect.
Depending on what vehicle you’re driving, your on-board systems could be monitoring everything from your brake pads and oil pressure to the amount of lane changing you're doing, your braking, your acceleration, the music you're listening to and which burger or taco joint you've pulled into for lunch.
Some of that information the OEM needs in order to know how well their cars are working and how they can be improved. Some is safety-related or of interest to your insurer or to the government agencies that maintain our roads and transportation infrastructure.
But a whole lot is being sucked up by Apple or Google, or Yelp or someone else in the marketing space. They'll all tell you the information they're gathering is not really about you as an individual person, but as one tiny speck in a massive aggregate. In the process, your data gets scrubbed of anything that has anything much to do with you.
“Carriers and service providers may claim to 'anonymize' our information, but then you start noticing all contextually-aware advertising pitches coming your way, and you know they're not exactly telling you the truth,” says Roger Lanctot, an industry consultant with Strategy Analytics. To a certain extent, he considers the issue of privacy somewhat overblown, though he doesn't dismiss it by a long shot. “I think we all realize we have traded privacy for access to powerful services,” says Lanctot. “People are willing to exchange privacy for greater safety in relation to their car.”
Dave Miller, Chief Security Officer for Covisint, advocates what he calls a “customer-centric” approach to privacy. “My car knows things about me,” says Miller. “It knows when I drive, where I drive and what music I listen to. It knows whether I touched the brake before I hit the car coming at me. Maybe I don't want my car tracked when I'm driving, because it's my car, but I do want it tracked when my son is driving it. Having the ability to secure that information so that it is in a place where you can have control over it, as opposed to your car manufacturer having control over it, is very important.”
The best way to do this, Miller says, is to use a cloud-based system that allows people to connect through a centralized hub. “This way, you get to set up the rules beforehand about who gets to talk to who. By having a hub, you also have an audit point. This gives you control over your own information and keeping that information from being in the hands of all kinds of third parties,” says Miller.
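A minimal sketch of the hub Miller describes, added here as an illustration and not taken from Covisint or any product: rules are set beforehand per driver, recipient and data type, anything without a rule is denied, consent can be revoked, and every decision lands in an audit log. The class, method and party names are hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass(frozen=True)
class Rule:
    driver: str      # who is behind the wheel
    recipient: str   # party asking for the data
    data_type: str   # e.g. "location", "braking"


@dataclass
class ConsentHub:
    """Hypothetical owner-controlled hub: deny by default, audit everything."""
    rules: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)

    def _log(self, action, rule, allowed):
        # The hub is the single audit point: grants, revocations and
        # every request (allowed or denied) are recorded.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "action": action, "driver": rule.driver,
            "recipient": rule.recipient, "data_type": rule.data_type,
            "allowed": allowed,
        })

    def grant(self, driver, recipient, data_type):
        rule = Rule(driver, recipient, data_type)
        self.rules.add(rule)
        self._log("grant", rule, True)

    def revoke(self, driver, recipient, data_type):
        rule = Rule(driver, recipient, data_type)
        self.rules.discard(rule)
        self._log("revoke", rule, False)

    def request(self, driver, recipient, data_type):
        rule = Rule(driver, recipient, data_type)
        allowed = rule in self.rules   # no matching rule means no data
        self._log("request", rule, allowed)
        return allowed


def demo():
    # Constructed scenario: track the car only when the son is driving.
    hub = ConsentHub()
    hub.grant("son", "owner_app", "location")
    results = [
        hub.request("son", "owner_app", "location"),    # rule exists
        hub.request("owner", "owner_app", "location"),  # owner not tracked
        hub.request("son", "ad_network", "location"),   # third party denied
    ]
    hub.revoke("son", "owner_app", "location")
    results.append(hub.request("son", "owner_app", "location"))
    return results, hub.audit_log
```
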
But the issue goes much deeper than mere privacy. The bigger issue, in a sense, is if the data being generated from a connected car belongs to the car's owner, how can the owner then establish ownership and control over that data? It may be valuable to the OEM and different service providers, but that doesn't mean they have an inalienable right to it. They should be required to obtain the owner's affirmative consent.
In late November, two industry groups, the Association of Global Automakers and the Alliance of Automobile Manufacturers, jointly announced a set of voluntary consumer protection principles in which they pledged a number of things, including a promise to inform consumers about how the data they collect will be used; to obtain affirmative consent for certain ways it might be used; and to anonymize aspects of the data.
Almost immediately, VDC Research, an industry consulting firm, fired back that, though well-meaning, the declaration didn't go far enough. For instance, while the document instructs members to “implement reasonable measures to protect covered information against loss and unauthorized access,” VDC says 'reasonable measures', being standard industry practices, were “too wishy-washy,” instilling no confidence and suggesting no willingness “to go the extra mile” for data security. The firm says the document needs to specify minimum requirements for securing data at the various levels.
On the matters of consent and data access, VDC's criticism was even stronger. They mention that while the document acknowledged the need to obtain consent “in a clear meaningful and prominent notice disclosing the collection, use and sharing of covered information, it left out any provision for a vehicle owner to deny such consent or revoke it afterwards.” VDC went on to suggest that what would likely happen was the consent form would be presented to the consumers in a stack of papers to be signed.
In the document, the two groups promise that consumers will have reasonable means to review and correct personal subscriber information. But VDC argues that they seem to forget that the drivers provided this information in the first place. “This isn't a privacy issue,” VDC argues, “it's a data rights issue.”
The firm argues that vehicle owners should be able to take diagnostic data to an independent mechanic rather than to the dealers or authorized third parties the OEM deems competent. VDC also says unless a legitimate safety reason exists not to make data available, the default should be to provide consumers access to data from their own vehicles.
At the same time, people wanting in on the connected car experience need to accept data sharing as part of the deal. Tesla makes data sharing a condition of ownership, as does anyone wanting to buy a Chevy Volt. This insistence will likely spread to the non-electric cars as well. “I have news for everyone,” says Roger Lanctot. “The age of protected privacy in a car is over. We'll always be exposed. The challenge for car makers is to deliver a value proposition that will allay customer concerns about data-sharing and privacy and to provide some transparency and control.”