Connected and autonomous vehicles put the need for data ownership in high gear
<hl>Connected cars and autonomous navigation increases our personal data exposure<hl>
The automotive industry has gone through some of the most impressive transformations thanks to innovative technologies. People no longer hail a taxi but instead get an Uber, the roads are filled with hybrid and even electric cars, and the world anxiously waits for self-driving vehicles to go from the latest sensation to an everyday norm. Analysts predict that the global connected car market will grow by 270% by 2022 and will reach $212.7 billion by 2027.
As for self-driving cars, while private consumers are a bit slow in embracing the idea, a recent survey found that more than half of small businesses (55%) believe that their fleets will be fully autonomous within 20 years. There’s no doubt that the future of automotive manufacturing is already here, but at the same time, major adjustments are in order for it to become the future we all wish for.
It’s easy to confuse autonomous vehicles with connected cars and think that both types of innovations are an exciting development worth waiting for, rather than a current and common product. Truth of the matter is, we all drive connected cars today. Our cars collect lots of data regarding many daily actions, some of it is already used by companies, and the rest will join the party soon enough. What every type of data and any type of innovative vehicle all have in common is the lack of proper security measures used to protect personal information, and our complete oblivion regarding the data that is being taken and how it is used.
Here are a few examples:
- Driving habits data: Insurance companies would love to know how fast or carefully each one of us is driving in order to provide a tailored policy to drivers, also known as Usage-Based Insurance (UBI), which is becoming increasingly popular.
- Location data: Our car knows where we are and what places we visit on a regular basis. Today, our smartphone enjoys the same access to information and offers different sales and discounts via apps such as Waze, but connecting businesses directly to this data is worth billions.
- Car maintenance data: The local garage and dealership would like to make special and incredibly relevant offers based on the latest malfunctions and maintenance requirements.
- Schedule data: Our daily route not only shares our location but also our plans for the day, every single day. This will allow businesses to make relevant suggestions that fit our current mood.
- Physical data: Our comfort settings can also let businesses know a thing or two regarding our physical preferences and conditions. Cameras installed inside the car can track our eyelid movement to tell how tired we currently are.
- Entertainment data: Our car’s entertainment system collects information regarding our musical preferences throughout the day.
And the list goes on and on. To put it in the words of the European Data Protection Supervisor, the EU's independent data protection authority, “the modern car is a computer on four wheels.” In fact, it has the power of 20 personal computers combined and the ability to process up to 25 gigs of data every hour.
It’s also important to note that self-driving cars collect data from non-users via sensors that are directed at the outside environment, which raises concerns regarding public surveillance performed by private companies and the further lack of choice. Needless to say, this list of data points also indicates countless improvements to our driving experience and daily lives, as long as it remains transparent and doesn’t threaten our data ownership.
Considering all of the above, it’s strange to see most headlines focus on the dangers of self-driving cars being involved in car accidents, rather than the danger of connected vehicles robbing us of our data ownership and causing dramatic data leaks. In 2018, the automotive industry suffered 10 major incidents within 10 weeks. These included hacks targeting Uber’s app, electric cars charging stations, keyless car systems, Tesla’s systems, and more. 2019 kept that awful momentum going with an increase of more than 300% in reported incidents during the first quarter alone, including a 72% rise in Black Hat attacks.
The automotive industry faces a few unique challenges when it comes to fighting the above dangers. Here are a couple worth considering:
- Market education efforts: Many drivers believe that their current car doesn’t collect data and that only by switching to a self-driving vehicle they will become exposed to data leaks and hacks. In addition to the need for more awareness surrounding data ownership and security measures, which is always an issue, this specific industry calls for in-depth educational efforts explaining the meaning of connected vehicles, their current data-collecting ways and sophisticated algorithms, and their currently insufficient security standards.
- Lobbying regulations: Some of the steps required to keep vehicle data safe involve regulation, which means that the strong lobbying efforts of car manufacturers, insurance companies and other organizations and businesses interested in our vehicle data must be taken into consideration. While some organizations have taken independent steps in the right direction, they are simply not enough. We’ve seen the Alliance of Automobile Manufacturers publish their Consumer Privacy Protection Principles, for instance, but self-regulation is only part of the solution in this case. We’d like to see more governmental efforts, like the US Government Accountability Office’s vehicle privacy report released in 2017.
Recent and upcoming developments in the automotive industry are a blessing. Systems that prevent accidents like the ones offered by Mobileye and Nexar improve public and personal transportation and make the world safer, as well as more accessible and connected than ever. For this burst of innovation to be defined as a true success story, more transparency, control and regulation are needed.
Individuals must be provided with tools that enable them to know what information is being collected, how it is being used and by which businesses and organizations. This information should be easily managed and shut down by consumers whenever they see fit, without having to provide explanations or wait for approval. Our car and every bit of data related to it belong to us, and we must get back in the driver’s seat and reclaim control.