Government rules limit how event data recorders - the black boxes in cars that record information such as speed and seatbelt position in the seconds before, during and after a crash - can be used. But no single law in the United States covers all the data captured by all the other devices in automobiles.
Those devices include radar sensors, diagnostic systems, in-dash navigation systems and built-in cellular connections. Newer cars may record a driver’s eye movements, the weight of people in the front seats and whether the driver’s hands are on the wheel. Smartphones connected to the car, and those not connected to the car, can also track your activities, including any texting while driving. There are few rules or laws in the United States that govern what data can be collected and used by companies (an exception is medical information). The United States generally does not ensure that companies strip out names or other personal details, or stipulate how such information should be used, for example.
Typically, a driver agrees to be tracked and monitored by checking off a box on one of the user agreement forms needed to register a car’s in-dash system or a navigation app. In most cases, the driver must agree to such terms to use an app or service where most cases the primary collector and owner of this deluge of data is the automaker.
In Arizona, Farmers Insurance is offering customers a 3 percent discount just for using a smartphone app that tracks driving behavior, including whether the driver is holding a phone or using a hands-free Bluetooth connection reveal travel and buying patterns. Aggregated information can be purchased from navigation companies, for example, and combined with other so-called anonymized information from dating apps to identify the habits of a specific demographic.
Many countries have specific laws about what information can be collected about drivers In France, they don’t want you to time-stamp locations,” said Ben Volkow, chief executive of Otonomo, “while in Germany they are more sensitive about speed information.”
In the United States, President Trump signed legislation in April overturning some internet privacy protections, allowing companies to more freely collect information on customers, including mobile users.The rules asked that when things were sensitive, an internet service provider asked permission first before collecting. That’s not a lot to ask.” The privacy rules were created in October by the Federal Communications Commission having to ask permission to track browsing and other online activities of a user, the companies were also required to use “reasonable measures” to secure consumer data against hackers. The privacy rules were scheduled to go into effect at the end of this year.
General Motors spearheaded the first widespread deployment of in-vehicle data recorders, or “black boxes,” in the 1990s, coincident with new airbag regulations. The technology was developed to capture crucial information about real-world crashes to help engineers and researchers improve automotive safety. Today, however, insurance and law-enforcement investigators commonly use the data for crash reconstruction and as evidence in legal cases. You can prove your innocence or be found at fault in an accident with the information captured by a black box. Indeed, event-data recorders (EDRs) installed in Toyota vehicles cleared the company from liability in NHTSA’s 2011 unintended-acceleration investigation.EDRs save a steady stream of data to memory, the old constantly overwritten by the new, until a crash freezes the record from a few seconds before until after it’s over. Federal standards that began with the 2013 model year say vehicles with black boxes must record a minimum of 15 data points, including vehicle speed, engine rpm, throttle angle, brake use, seatbelt status, and changes in velocity, among others. Rules for 30 additional and optional elements are also part of the NHTSA requirement. But carmakers are not forbidden from recording more data, or doing so for longer periods than the five seconds required by the government. Indeed, another proposed standard would have required 85 variables.EDRs are not yet required equipment, but a proposed change to the Federal Motor Vehicle Safety Standards would have mandated the devices in all cars and light trucks starting in September. NHTSA, however, delayed its final ruling amidst public criticism over privacy rights and pushback from carmakers. Any celebration by privacy advocates would be premature, however, as insiders expect NHTSA to move forward with a mandate eventually. For most consumers, it won’t matter much. Some 96 percent of new vehicles sold in the U.S. today already contain black boxes, with the notable exception of Volkswagen Group models and low-volume exotiQuestions remain over the efficacy of the technology for uses beyond the initial aim of assisting crash researchers. The contents of an EDR can be read by anyone with the proper tools and access to the diagnostic port on a vehicle. And if you can access the data in an EDR, you can alter it. Among many comments to NHTSA’s proposal are concerns from attorneys that criminal convictions or civil judgments can be obtained based on falsified crash data.“It is possible to tamper with this stuff,” says Tom Kowalick, an EDR expert who contributed to NHTSA’s standards-making group. “NHTSA is saying you can’t erase crash data, and they are wrong.”Less insidious, but perhaps more concerning, are allegations from forensic investigators that the devices themselves are fallible. Despite NHTSA’s rulemaking, different commercial systems do not perform identically and data retrieval from the boxes is not standardized. Rollover accidents present challenges to recording accurate data not only because these events last longer than a frontal collision, but because their physics are so different. And in some cases, the data pulled from the boxes is wrong. One attorney’s comments on NHTSA’s proposal included examples where EDR reports contained incorrect information, such as stating that airbags had been deployed when they hadn’t, or claiming a deceleration rate in the single digits from a car that had been completely demolished in a collision.While 14 states have enacted laws requiring an owner’s consent to access the data, they universally include exemptions for court orders, safety research, and vehicle service. NHTSA’s position is that a vehicle’s owner also owns the black-box data, but the agency also says it has no regulatory authority to ensure such rights.The specter of black boxes is less chilling than the one raised by telematics, though. While EDRs basically just take notes, cellular-linked technology such as Ford’s Sync or GM’s OnStar can transmit any onboard data stream in real time. And the nature of their two-way communication means that telematics systems will become tempting targets for hackers, says Nate Cardozo, a staff attorney for the Electronic Frontier Foundation, a technology-focused civil-liberties group.But a more immediate concern is that these systems can also transmit GPS-derived location information. And while we subscribe to the belief that you are what you drive, the reality is that you are really defined by where you drive.“Location data is one of the most sensitive kinds of data about us,” says Cardozo. “Anyone who has this data can figure out an amazing array of things about a persAnd Your car already collects a lot of data about your driving and may soon collect much more.
Is Your Car Spying on You?
If it's a recent model, has a fancy infotainment system or is equipped with toll-booth transponders or other units you brought into the car that can monitor your driving, your driving habits or destination could be open to the scrutiny of others. If your car is electric, it's almost surely capable of ratting you out.
You may have given your permission, or you may be the last to know. At present, consumers' privacy is regulated when it comes to banking transactions, medical records, phone and Internet use. But data generated by cars, which these days are basically rolling computers, are not. All too often,"people don't know it's happening," says Dorothy Glancy, a law professor at Santa Clara University in California who specializes in transportation and privacy. "People should be able to decide whether they want it collected or not."
Try as you may to protect your privacy while driving, it's only going to get harder. The government is about to mandate installation of black-box accident recorders, a dumbed-down version of those found on airliners - that remember all the critical details leading up to a crash, from your car's speed to whether you were wearing a seat belt. The devices are already built into 96% of new cars.
Plus, automakers are on their way to developing "connected cars" that constantly crank out information about themselves to make driving easier and collisions preventable. Privacy becomes an issue when data end up in the hands of outsiders whom motorists don't suspect have access to it, or when the data are repurposed for reasons beyond those for which they were originally intended.
Though the information is being collected with the best of intentions - safer cars or to provide drivers with more services and conveniences - there is always the danger it can end up in lawsuits, or in the hands of the government or with marketers looking to drum up business from passing motorists.
Courts have started to grapple with the issues of whether - or when - data from black-box recorders are admissible as evidence, or whether drivers can be tracked from the signals their cars emit. While the law is murky, the issue couldn't be more clear cut for some. "You do have a right to privacy in your car," says Khaliah Barnes, administrative law counsel for the Electronic Privacy Information Center, at least when it comes to data from automotive black boxes and infotainment systems.
Electronic Data Recorders (EDR)
Known as black boxes for short, the devices have fairly straightforward capabilities. If the car's air bags deploy in a crash, the device snaps into action. It records a vehicle's speed, status of air bags, braking, acceleration. It also detects the severity of an accident and whether passengers had their seat belts buckled. EDRs make cars safer by providing critical information about crashes, but the data are increasingly being used by attorneys to make points in lawsuits involving drivers. "It's far more reliable than eyewitness accounts," says Wolfgang Mueller, a Berkley, Mich., plaintiff lawyer and former Chrysler engineer. "It's hard for the carmakers to dispute their own data."
Others aren't so sure. California plaintiff lawyer Don Slavik says no one should assume black boxes "are dispassionate and accurate witnesses." He said he's had "numerous downloads that don't comport with physical reality." Consider the case of Kathryn Niemeyer, a Nevada woman who sued Ford Motor when her husband, Anthony, died after his car crashed into a tree in Las Vegas. Her lawyers argued the air bag should have gone off and saved him, but they didn't want the black box data downloaded from the car's EDR admitted into evidence. Their contention: The data "constitute unreliable hearsay," contain multiple errors and aren't verifiable. The court agreed, but Niemeyer lost her case anyway in U.S. District Court.
Infotainment Systems and On-Board Computers
The latest in-car entertainment systems provide GPS navigation and instant two-way communication to motorists. But they can also be used to relay information about a car's systems to automakers. And that can invade consumers' privacy, as General Motors found out last year.
OnStar, the General Motors unit that provides in-car communication at the push of a button, proposed a change in its customer agreement last year. The move would have allowed GM to sell information that it collects not only from current subscribers but from cars of customers whose subscriptions to OnStar had ended.
It would have been a sweeping change. Free OnStar - for six months up to three years, depending on the model - comes as standard equipment in most new GM models. The data would have come from the car's computers, reporting safety and diagnostic information such as fuel economy or the need for oil changes or tire pressure, details that would be shared with dealers or other GM affiliates.
Even though GM says it doesn't sell information to third parties, the proposed change was killed after an outcry. OnStar still can ping batches of cars owned by current subscribers to anonymously look for information about how they are running. That way, GM engineers can monitor the vehicles' systems and remotely tackle issues that arise or find ways to make improvements, the company says.
When customers buy a Chevrolet Volt, a plug-in electric car that also has a gas engine, they are asked to sign an agreement that lets GM anonymously tap the car for information about its performance. Four out of five agree, says Larry Nitz, general manager of GM's electrification program.
As part of its Carwings system that lets owners monitor their electric Leaf cars from their smartphones, Nissan says it collects information on the cars. The automaker can find out about GPS and navigation; speed and distance; driving habits; battery use, charging history and deterioration; electrical system functions; software version; "and other spot data to assist in identifying and analyzing the performance of the Nissan Leaf." Owners must give their permission. The data are stored on a computer in Japan by vehicle identification number, or VIN, without personal information.
The ability of electric cars to track customers' travels and driving habits was dramatically demonstrated last month when Elon Musk, CEO of electric-car maker Tesla Motors, took issue with a critical review of his company's premiere product, the all-electric Model S sedan, in The New York Times. To refute the review that talked about the angst of running out of electricity and not getting a full recharge on a long trip in cold weather, Musk reconstructed the reporter's journey in a blog post based on data received from the car, including cruise control and cabin temperature settings, and how long the car was allowed to charge. In defense of his review, Times reporter John Broder wrote that Tesla told him it did "not store data on exact locations where their cars were driven because of privacy concerns. Tesla seemed to know that I had driven six-tenths of a mile 'in a tiny 100-space parking lot."
Transponders and Other Devices
These days, more commuters are being encouraged to obtain transponders for their cars that allow them to use toll roads or bridges without having to stop and pay. But sometimes, they can be used for other purposes.
In the San Francisco Bay Area, the Metropolitan Transportation Commission not only counts on motorists using FasTrak transponders to pay tolls but also collects data from the devices for traffic studies. If drivers don't want their car to be part of the traffic study, they're offered a Mylar bag that can block transponder signals when the box is not transmitting for toll collection.
Some drivers elect to bring other devices into their cars - fully knowing that they spy on their habits - and are rewarded for doing so. Progressive Insurance says more than 1 million of its auto insurance policy holders now use its Snapshot monitoring device, which plugs into the dashboard to record data from the car's computers for information about hard-braking incidents and time of day that trips are taken. Drivers save an average 10% to 15% on their premiums, says David Pratt, Progressive's general manager for usage-based insurance. To protect users' privacy, the company says it has no ability to track where cars drive and never sells any information to third parties.
Because consumers often opt to give away data when it benefits them, some say privacy issues are no cause for concern. Fears have been "blown out of proportion," says Mukul Verma, a former top GM safety expert who is now a consultant. "I don't think there is any chance of it being used or misused without people's permission."
THE JURY'S STILL OUT
There's a mixed record so far on how data from cars are playing out in court. On one hand, there's the case of Elva Diaz of Corona, Calif., who was convicted of involuntary manslaughter while drunk. In 2008, her car struck one driven by an 18-year-old college student, who died. Diaz's public defender appealed her conviction, saying the use of data about her speed and braking contained in the vehicle's black box violated her privacy. Last month, an appeals court upheld the conviction.
But privacy advocates point to a U.S. Supreme Court ruling last year in the case of a Washington, D.C., nightclub owner whose Jeep was monitored for weeks by police who had attached a GPS-based tracking device to it. Based on Antoine Jones' movements, he was convicted on cocaine distribution charges. In overturning Jones' conviction, the high court ruled that police should have obtained a warrant.
Privacy cases could proliferate as technology evolves. Automakers are developing systems that let cars digitally talk to each other or with infrastructure, such as bridges or freeway on-ramps, to avoid accidents.
More than 60% of new cars worldwide are expected to have connected capabilities by 2017, up from 11.4% last year, says ABI Research. At the same time, those "connected cars" hold the potential of divulging speed and a variety of data that could be used by law enforcement or others.
Aware of privacy concerns, developers of a proposed nationwide system of connected cars say they are trying to build in safeguards.
"The system will be designed to let drivers stay anonymous, to constantly change designators for any particular vehicle every few minutes in order to make sure no driver can be tracked," says Tom Schaffnit of the Vehicle Infrastructure Integration Coalition, which is organizing automakers for the project.
If a nationwide system goes forward that will connect cars to each other and the highway, Schaffnit says, he is confident privacy concerns will be addressed. It's logical: If the government is going to require connected cars, "then you need to be worried about privacy," he says.