As cars become more connected, two industry groups are aiming to educate consumers about the associated data and privacy practices in a new guide.
The guide by the Future of Privacy
Forum and the National Automobile Dealers Association outlines the different types of data that can be collected in connected cars, along with recommendations for managing privacy risks that come from
that data.
“The release of this guide is a critical step in communicating to consumers the importance of privacy in the connected car, as well as the benefits that car data can
provide,” said Jules Polonetsky, CEO of the Future of Privacy Forum.
“As car data grows in volume and gains attention from both the media and regulators, it is critical to find
creative ways to communicate with consumers in plain language how it works, how it can serve them and what options and protections exist,” Polonetsky said.
In addition to identifying the
types of data that have traditionally been collected from vehicles, which are mostly mechanically related, the guide lists new areas where data could be collected.
These new areas introduce
varying levels of personal information.
The fundamental difference seems to be that the data collected has typically been from the vehicle, but moving forward will be from, and about,
the occupants in the vehicle.
For example, the guide mentions vehicles using facial recognition to identify the driver to automatically adjust seat position preferences or tracking eye
movement to determine if the driver is falling asleep.
“For so many consumers, the idea that their connected vehicle is constantly collecting personal information is completely new to
them, and oftentimes something they’ve never even thought about,” said Peter Welch, president and CEO of the National Automobile Dealers Association.
“Consumers have every
right to know what kind of personal data may be collected by any vehicle they drive, but knowledge has to start with awareness. It is our hope that this guide helps generate awareness about privacy
and vehicle technology, and ultimately leads to more consumers feeling confident and safe in any vehicle they drive,” Welch said.
Here is the breakdown of types of data and how they are
collected:
- Vehicle’s location -- Navigation systems
- Vehicle’s external surroundings -- Backup cameras, assisted braking, lane warnings
- Inside vehicle --
Microphones and cameras for emergency services, hands-free calling
- User’s physical or biometric information -- Stored user preferences
- Any data from vehicle - Apps
integrating smartphone with vehicle systems
However, there has been action on the automaker side to protect sensitive data that is collected for most connected vehicle features or
services.
Many automakers follow the Automotive Privacy Principles, which were developed by the Alliance of Automobile Manufacturers and apply to vehicles starting with model year 2017.
The principles include providing clear and concise privacy policies, requiring consent before using sensitive data for marketing or sharing with third parties and clearly stating the ‘limited
circumstances’ in which data may be shared with government or law enforcement.
The alliance defines sensitive data as location, biometric or driver behavior data.
Most major
automakers have committed to following the Automotive Privacy Principles. Tesla is not currently listed as one of them.