Today’s smart car is smarter than ever before. The numbers prove it: The average connected car has the power equivalent of 20 computers, around 100 million lines of code, and 25 gigabytes of data per hour. With advanced technology at our fingertips, we are able to tap into the same minute-by-minute digital experience on the road that we’ve grown accustomed to off the road. Locating the nearest sushi joint or rerouting a trip to avoid construction are just a few of the ways being connected saves us time, hassle, and headache.
What we might not realize is that all of the tech that allows for more enjoyable trips and easier commutes is also capturing our data. Moreover, it’s not just a nugget of information here and there—connected vehicles are picking up patterns, driving habits, and detailed histories about their drivers.
This information is valuable—often extremely valuable—to different parties. For the most part, automakers want to use data to help improve the lives of their drivers. However, there is growing concern that in the wrong hands, this wealth of information could do harm. We’ll take a look at what kind of data is being collected, where this information is going, and how it’s being used, as well as emerging regulations about smart car data privacy and steps to protect yourself and your information.
What Type of Data Do Smart Cars Collect?
If you own a vehicle made after 2014, there’s a good chance your data is already being collected, according to a recent Esurance report. In fact, over a dozen sensors capture data every time you get behind the wheel. The information comes from a few different places:
Infotainment Centers: From your favorite playlists to the location of your beloved coffee shop, your connected car is sending back preferences and personal info to automakers.
Electronic Data Recorders: Commonly known as black boxes, these devices capture data if an accident occurs and can be used in court cases as a reliable source.
Other Devices: Some people willingly put data-collecting devices in their vehicles. Transponders are a convenient way to pay tolls without having to stop. Also, vehicle monitoring devices provided by insurance companies can help good drivers save money on their premiums.
With autonomous vehicles on the cusp of reality, there has been much discussion around data privacy and how to handle technology as it continues to evolve.
Sensitive vs. Non-Sensitive Data
In a recent report, the Federal Trade Commission (FTC) broke down three different types of data: aggregate, non-sensitive, and sensitive. Aggregate data is general data about a group of cars, perhaps used to discover solutions for traffic management. Non-sensitive data is non-identifiable information about a specific car—for example, measuring how it handles various weather conditions. Sensitive data is personal data specific to the driver—think addresses or frequently visited places.
A panel held during the 2018 Detroit Auto Show discussed the pros and cons of future connected cars. In particular, proponents claim that connected cars save lives. Sensors, radars, and cameras work together to see what a driver cannot see. However, privacy concerns with sensitive data were also discussed. Personal information like facial recognition technology or health data introduce a new level of concern—not to mention a need for new privacy laws.
Who Wants This Data and How Is It Being Used?
According to the FTC, many companies throughout the connected car network are interested in data. First, there’s automakers who collect data for many reasons, but mainly to provide services for vehicle owners. Then there’s the manufacturers of infotainment centers who scrape customer data through apps like GPS, music, or contacts. Finally, there are third parties that collect data through dongles that connect to a port in a car.
Why is there so much interest in something that’s intangible? Well, money. In fact, your data could soon be worth more than your car, thanks to sensors and cameras that track performance and surroundings. Some speculate that automakers will be able to make more money selling vehicle data than the actual vehicles themselves by 2020. Their end goal? To build an autonomous vehicles that can safely drive on every road ever built. Basically, the main goal of collecting vehicle data is to teach driverless cars how to drive.
There are also people who want your data for the wrong reasons: hackers. By tapping into your smart car, thieves could control your vehicle remotely. Personal information taken from smart cars could be sold or leaked to the public. Automakers need to work closely with cybersecurity experts to ensure connected cars are being designed securely—especially with autonomous vehicles on the horizon.
Emerging Regulations About Smart Car Privacy
So what’s being done to protect drivers’ data now? In 2017, the Safely Ensuring Lives Future Development and Research in Vehicle Development (SELF DRIVE) Act was passed. This bill requires automakers to develop a cybersecurity plan to regulate access to automated driving systems.
Also in 2017, the U.S. Department of Transportation and the NHTSA released new federal guidance for automated vehicles, “Automated Driving Systems (ADS): A Vision for Safety 2.0,” which encourages best practices and prioritizing safety. While the document doesn’t specifically address privacy, it does note encourage “the development of systems that guard against cyberattacks and protect consumer privacy.”
How to Protect Yourself and Your Data
As technology continues to grow and evolve, it’s important to understand what type of data is being collected through your vehicle. All data collecting isn’t necessarily bad—especially aggregate and non-sensitive data. Your driving habits and information might help influence the future design of an autonomous vehicle or infrastructure (like charging stations, for example). Plus, your data could help you save money on car insurance by proving you’re a good driver.
When it comes to sensitive data—like your home address, phone numbers, or GPS information—it’s best to keep this information to yourself. Here’s a few tips on how make sure your data doesn’t end up in the wrong hands.
Delete navigation information: Occasionally clearing out your GPS history is a good habit to form. Even a shady valet driver could access your home address without you knowing. If you’re selling your car, definitely take the extra step to delete past information. Check your owner’s manual for specific instructions on how to fully purge your history.
Enter less accurate locations: Rather than inputting your home or work address, enter nearby public locations (like a coffee shop or a gym) into your GPS. You’ll know where you need to go while still protecting your data.
Understand your car and its devices: The most important way to protect your data is to know your connected car. Do your research before installing devices and determine if you’re comfortable with the data being collected.
