We seem to be living in a world that is barreling headlong towards a science fiction reality that was the dream of writers in the 1950’s. Our parents were shown images and told stories of an ever more connected world where one would have personal jetpacks and driverless cars would whisk us toward destinations with little or no input from the frail human beings who would simply be passive participants in the journey. Those driverless cars are seemingly just around the corner (no jetpacks as yet). But the future is certain when it comes to connected vehicles.
These connected vehicles use sensor data to take actions without the input of the driver and store data for later use. This can be something as seemingly harmless as locking doors above a certain speed but there are other types of data that the connected vehicle stores for future processing. This data is used by parties that are aggregating the information for uses that the driver may not be comfortable with – and that he or she has not been given the option to consent to or opt out of.
Connected vehicles – Data and the Internet
Many vehicles are now connected to the Internet or to the manufacturers who collect data on the vehicles’ performance. Take for instance the Nissan Leaf – an electric car that ships with a proprietary smart app. This app allows the driver to remotely start the vehicle, adjust temperature settings and monitor the cars’ charge, amongst other features. Companies like Tesla are also testing the limits of how we interact with our motor vehicles – and at the same time gathering information and data on how owners interact with their connected vehicles – all in order to improve the performance of its own artificial intelligence systems.
Connected vehicles driving privacy concerns
These advances are potentially worrying as far as connected vehicles are concerned. Data about driving habits and driver performance that are remotely supplied to third parties may have long term implications on a drivers’ right to privacy. The vehicle of the 21st century is no longer just a machine that gets the driver from A to B. It is a data collection device – and the information that it collects is becoming increasingly granular. The ability of automobiles to collect data for later aggregation by third parties such as manufacturers is problematic in itself. However, that problem may pale into insignificance when compared to the fact that the data may be onsold to other parties without the permission of the driver. Think about data that could be supplied to an insurance company about the driver’s habits – and then used by that company to make adjustments to the premiums that it charges that individual.
This is not just a theoretical scenario. In the United States, insurance companies are offering ‘usage based’ premiums if clients agree to install proprietary telemetric systems into cars. These systems monitor other information gathering electronic systems that are part of the cars increasingly intelligent data gathering suite.
Such systems, in addition to the cars’ own internal diagnostic and monitoring systems track – with increasingly granular details a slew of data. This data includes how the vehicles brakes are employed and the time of day that the vehicle is in use. Where vehicles have GPS systems fitted, data on the type of roads that the car travels on can also be collected. Other data such as information on driving style can also be supplied by telemetric systems.
An argument can be made – and is certainly put forth by the insurance companies that the client does consent to the use of these devices and that they are designed to help motivate for lower insurance premiums. This affects the entire customer base (who would also enjoy lower premiums) due to the fact that they police those who are prone to engage in bad driving habits. However, this is simply ingenious. In the United States, it is not legal to drive without insurance. It is not a leap to imagine a time when the fitment of telemetric systems is a requirement. How long before all auto insurers require this sort of surveillance – and increase their ability to simply remove control from the driver in the case of erratic driving habits. This could either be achieved by switching off the electronics to render the car nonfunctional – or as technology progresses taking over control completely. This raises issues relating to privacy and to a variety of other legal issues relating to just how far third parties could go in efforts to use data to control and police behavior.
To return to Tesla, that company uses a combination of telematics and sensor data to assist with its ‘machine learning and autonomous driving systems’. Tesla is aggregating this data and processing it to improve how its AutoPilot systems work for customers who have chosen to have it fitted. However, even customers who do not choose to fit the AutoPilot system still have their data collected by Tesla.
Aggregation is the collection of data to identify trends in and recognize patterns – this is often referred to as big data analytics.
Data about driving habits and driver performance supplied to third parties may have long term implications on a drivers’ right to #privacy.
Click to Tweet
Other manufactures are already showing an interest in similar data collection. But it’s not just the manufacturers who are focused on aggregating data. Third parties like Google are also eyeing this capability. It does not take a crystal ball to foresee a time when driving data could be readily shared with advertisers, insurance companies, local and municipal government, and law enforcement for a myriad of reasons.
Can drivers make a privacy choice?
The collection and aggregation of the data from connected vehicles has troubling implications for the privacy of the individual, not least because they simply have no choice in the matter. The use of motor vehicles is such a fundamental part of modern life that the invasion of privacy is all but unavoidable if new legislation is not promulgated. It is absolutely essential that drivers be provided with the right to opt out of such data collection and aggregation activities. In fact, these activities go against accepted data exploitation principles. Access to data must be protected from those who are not the primary user – the individual.