Karl-Thomas Neumann, CEO of General Motors‘ (GM) European Opel brand announced that GM would launch OnStar telematics service in vehicles sold in Europe in late 2015. The Opel CEO declared the new technology, “transforms the car into a true part of the Internet of things.” The Detroit Bureau says it raises some of the same concerns consumers face on the Internet, including how to protect their privacy in highly connected cars.
Even though a growing number of consumers have embraced the idea of having mobile access to smartphone apps, built-in Wi-Fi, and the safety and security promised by systems like OnStar issues loom that consumers, manufacturers, and regulators need to address. At the 2014 Consumer Electronics Show, Jim Farley, then the top marketing executive at Ford Motor Company (F), told an audience that the automaker “know(s) everyone who breaks the law, we know when you’re doing it,” thanks to the data collected by its OnBoard Sync technology system.
Despite a quick backtrack by Mr. Farley, the article says he was being truthful. The fact is, the onboard black boxes in most cars are now equipped with two-way capabilities. Privacy has become “a big issue,” according to Jon Allen, a principal with consulting firm Booz Allen Hamilton who focuses on security issues. Precisely what makes such technology so compelling is why it is also so worrisome. Mr. Allen told The Detroit Bureau,
Connected products provide customization and convenience because of the data they track. Part of the great opportunity to improve the customer experience is producing a vehicle that ‘learns’ your habits and preferences. But that information must be protected.
The EU takes privacy seriously and these types of tracking technology have drawn the attention of regulators in Europe and to a lesser extent, in the U.S. The article describes a measure of just how strongly Europeans feel about the issue that came during Opel chief Neumann’s news conference. Unlike the U.S. version of OnStar, the European system will include a “Privacy” button to let a user “choose whether they want to provide location information or not.”
That choice would only be over-ridden after a crash severe enough to trigger OnStar’s emergency call system, CEO Neumann explained. It’s designed to call rescue crews in the event of an accident severe enough passengers might be disabled.
There have been experiments with marketing that could target motorists much as Google today can toss ads at a web viewer based on information revealed by hidden “cookies.” Imagine, they suggest, being able to send a McDonald’s ad and virtual coupon to a car driving near one of its restaurants around lunchtime.
While some drivers might embrace that possibility, others are appalled. The Detroit Bureau reports the potential to reveal more detailed personal information, as well as allowing a vehicle to be tracked, is raising flags on both sides of the Atlantic.
In the U.S., an auto industry alliance recently agreed on an approach called “Privacy Principles for Vehicle Technologies and Services.” (rb- Which I covered here) Meanwhile, both the U.S. Federal Trade Commission and the National Highway Traffic Safety Administration are exploring the issues – though in some cases, they are actually encouraging greater access, noted analyst Allen.
The issue is further complicated by the threat of cyber-criminals exploiting vulnerabilities in-vehicle communications systems.
rb-
I first covered this threat in 2011 here and here. And the theoretical became real in 2015 when researchers demonstrated they could use online systems to take over a Jeep Grand Cherokee.
The threat to personal freedom and privacy in your car has accelerated as Apple (AAPL) and Google (GOOG) join Microsoft (MSFT) in the battle to rule the car. Apple’s automotive ambition does not stop at CarPlay, they are also focused on developing an iCar. Google’s Autonomous Cars ambitions are well known, but their efforts to take over the car cockpit are also taking off with Android Auto.
The government is contributing to the connected car conundrum. The Feds are abetting the Autos by trying to prevent security researchers from doing testing and reverse engineering that could improve security and safety for all of us according to Naked Security.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
The author speculates that the automakers are willing to abide by the self-imposed “rules” because they believe actual laws could become onerous. Sen. Edward Markey, D-MA is skeptical of the impact of the “rules.” He called them “an important first step,” but said it remains unclear “how auto companies will make their data collection practices transparent beyond including the information in vehicle manuals.”
