Modern field guide to security and privacy

Opinion: An automotive privacy collision

The National Highway Traffic Safety Administration owes it to motorists to set more robust and clearer privacy standards for connected cars.

Mike Blake/Reuters/File

For many motorists, privacy concerns end with whether or not another driver can spot the occasional nose pick.

But as cars become more connected, and on-board information systems become like fully functional computers that track motorists' every move, there's plenty of reasons to be more guarded about privacy while behind the wheel.

The National Highway Traffic Safety Administration (NHTSA) recently released an Automated Vehicle Policy with a section on privacy considerations. But it left many questions unanswered.

What are carmakers actually collecting about drivers? Who are they sharing it with? What are car companies doing to protect that information? And how will drivers know when they're giving away too much personal information? 

Here's a look at some of the points the NHTSA raises and what those could mean for drivers.

"Provide consumers with accessible, clear, meaningful data privacy and security notices. Explain how entities collect, use, share, secure, audit, and destroy data generated by, or retrieved from, their vehicles."

Automotive companies and software makers need to remember that drivers will be viewing privacy notices and agreements on a relatively tiny screen, in a high-risk environment that necessitates being alert and aware. These kinds of notices should be presented in ways that aren't easy to ignore but also shouldn't make drivers go through a lot of annoying steps.

"Offer consumers choices regarding the collection, use, sharing, retention, and deconstruction of data, including geolocation, biometric, and driver behavior data."

Tracking drivers can have direct, physical consequences if that information is shared indiscriminately. Because the stakes are high, automotive tech firms need to make these kinds of consumer choices easy to understand. And people need to be able to withdraw consent at a future date, if they decide they no longer want to allow certain information to be tracked or shared.

"Use data only in ways that are consistent with the purposes for which it was originally collected."

This is where things get dicey. There's no commonly accepted use yet of driver data. In the "Respect for Context" section of the Consumer Privacy Bill of Rights, which is frequently referenced in the NHTSA document, they mention targeted ads as something that some people now expect, but acknowledge that others find it problematic. This leaves a lot of ambiguity about what software makers are permitted to do with our data..

"Collect and retain only for as long as necessary the minimum amount of personal data required to achieve legitimate business purposes, and take steps to deidentify sensitive data."

While this is excellent advice for minimizing the exposure of data collected in cars, it's problematic when you consider location data. The routes each of us takes in our car between workplace and home, among other locations we frequent, are as unique as fingerprints.

"Implement measures to protect data that are commensurate with the harm that would result from loss or unauthorized disclosure of the data."

How would you quantify the harm that results from scammers getting something as "harmless" as your phone number and calling you hundreds of times a day? Or email addresses, which they could use to send you emails that might contain malicious software or harmful links? How would a software vendor quantify that same risk? I’m betting that their assessment would be wildly different than yours.

"Implement measures to maintain the accuracy of personal data, and permit users to review and correct information."

But how would they rate the problems associated with having bad data, compared to how you would rate it? And even if we could all agree on what the level of risk is, what should they be doing about it?

"Take reasonable steps to ensure that the entities that collect or receive consumers’ data comply with applicable data privacy and security agreements."

An excellent idea in theory, but vague in practice. Is it "reasonable" to just ask those entities once and take their word for it? Or does "reasonable" mean auditing those entities on a regular basis?

Unfortunately, this new automated vehicle policy inherits vague verbiage the associated problems with the Consumer Privacy Bill of Rights. American motorists deserve better. If we can't come up with acceptable and clearer privacy standards for cars soon, drivers will simply remain lost when it comes to privacy on the road.  

Lysa Myers is a security researcher at ESET. Follow her @LysaMyers.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Opinion: An automotive privacy collision
Read this article in
QR Code to Subscription page
Start your subscription today