• by Chase Martin , January 26, 2017

As cars become more connected, two industry groups are aiming to educate consumers about the associated data and privacy practices in a new guide.

The guide by the Future of Privacy Forum and the National Automobile Dealers Association outlines the different types of data that can be collected in connected cars, along with recommendations for managing privacy risks that come from that data.

“The release of this guide is a critical step in communicating to consumers the importance of privacy in the connected car, as well as the benefits that car data can provide,” said Jules Polonetsky, CEO of the Future of Privacy Forum.

“As car data grows in volume and gains attention from both the media and regulators, it is critical to find creative ways to communicate with consumers in plain language how it works, how it can serve them and what options and protections exist,” Polonetsky said.

In addition to identifying the types of data that have traditionally been collected from vehicles, which are mostly mechanically related, the guide lists new areas where data could be collected.

These new areas introduce varying levels of personal information.

The fundamental difference seems to be that the data collected has typically been from the vehicle, but moving forward will be from, and about, the occupants in the vehicle.

For example, the guide mentions vehicles using facial recognition to identify the driver to automatically adjust seat position preferences or tracking eye movement to determine if the driver is falling asleep.

“For so many consumers, the idea that their connected vehicle is constantly collecting personal information is completely new to them, and oftentimes something they’ve never even thought about,” said Peter Welch, president and CEO of the National Automobile Dealers Association.

“Consumers have every right to know what kind of personal data may be collected by any vehicle they drive, but knowledge has to start with awareness. It is our hope that this guide helps generate awareness about privacy and vehicle technology, and ultimately leads to more consumers feeling confident and safe in any vehicle they drive,” Welch said.

Here is the breakdown of types of data and how they are collected:

• Vehicle’s location -- Navigation systems
• Vehicle’s external surroundings -- Backup cameras, assisted braking, lane warnings
• Inside vehicle -- Microphones and cameras for emergency services, hands-free calling
• User’s physical or biometric information -- Stored user preferences
• Any data from vehicle - Apps integrating smartphone with vehicle systems

However, there has been action on the automaker side to protect sensitive data that is collected for most connected vehicle features or services.

Many automakers follow the Automotive Privacy Principles, which were developed by the Alliance of Automobile Manufacturers and apply to vehicles starting with model year 2017.

The principles include providing clear and concise privacy policies, requiring consent before using sensitive data for marketing or sharing with third parties and clearly stating the ‘limited circumstances’ in which data may be shared with government or law enforcement.

The alliance defines sensitive data as location, biometric or driver behavior data.

Most major automakers have committed to following the Automotive Privacy Principles. Tesla is not currently listed as one of them.