In a public hearing last year, the U.S. Senate rightfully shamed the social network giant, Facebook, for betraying their member’s trust by failing to protect their account data. In equal measure, automakers should not be entrusted to safeguard their customer’s personal privacy.
Known as telematics that wirelessly streams data in both directions, this software on wheels can be overly intrusive in multiple ways. With Big Brother panning for valuable nuggets off connected cars and trucks, drivers will end up more exposed and distrustful of these platforms. To thwart data abuses from occurring or depravation of choice, it is imperative to empower the lawful vehicle owner to authorize how their manufacturers will manage these pools of information.
Many Asian companies like Honda and Kia acknowledged these concerns in an open letter to the Federal Trade Commission in March 2017. When handled judiciously, this data promises a beneficial experience in a bouquet of convenience, safety, and performance. This service tracks identifiable information of the automobile’s whereabouts and how the operator runs it. In this non-binding memo wrote the signatories, they bring better technological know-how than the FTC and the National Highway Traffic Safety Administration to regulate everyone’s privacy and cyber security. When the sales agreement is signed asserts Honda, (Ford, and GM in separate statements) they insist that a customer can decline any data connection from the auto.
However, few details were outlined on how much driver behavior information would be shared with third parties. Equally concerning in this pledge is why the manufacturers glossed over the opt-out clauses that are inserted somewhere in an obscure spot on the vehicle sales agreement. Ostensibly missing from this group assurance were Detroit’s big three and Europe’s major players.
Does this behavior resemble 2018, the year of misdeeds by the handlers of the Facebook accounts? Facebook confessed that the British consultancy, Cambridge Analytica had improperly scraped juicy tidbits from tens of millions users without their knowledge nor consent. Weeks later after apologizing to the Senate committee, the company admitted to a wholesale security breach, and then The New York Times spotlighted them for letting Netflix and Spotify into the data trove. Compared to the stricter European standards, meaningful tools to offer consumer protection are scarce and oversight is lacking.
As reality stands, too many drivers are unaware that Big Brother is creeping about the car. According to The Washington Post, nearly 80 million cars and trucks—and counting—come with a plugged cyber connection to monitor every movement, which some perceive as mundane. But, Otomono, an Israeli analytics firm sees a goldmine. By helping their OEM partners churn connected car data into actionable insights, Otomono in turn sells the driver’s trip history and service maintenance on the open market.
Once the vehicle sales contract at the dealership is signed, everything is perfectly legal, but far from transparent. Law Enforcement and commercial businesses like fuel station chains that buy this refined customer information can learn much about someone’s most intimate habits. Imagine how someone may feel when an auto dealer or a national car care retailer knows about regular visits to the independent installer and uses that data to promote their services. This model can apply to trips to more personal venues like to a health clinic.
If these manufacturers insist that they can police themselves to a higher standard than Google, Apple, and social media sites, the smartest move is to address every consumer worry about privacy and security. Three fixes might set a favorable precedent and even build brand confidence. First, all policies regarding sharing data to brokers by the OEM ought to be centered on consent in the most eye-catching way.
Future buyers deserve to know what information is being amassed, who collects it, and who buys it. At any point in time during the duration of owning the car, the customer ought to be free to decide that the dealership can manage the information, but no one else, or share it with certain parties like an insurance company but barring unrelated firms. And conversely having the right to choose their own independent repair shop rather than being steered to the dealership will prove that the neutral manufacturer is not taking sides.
Next, as mobile phones have hard wired switches or an airplane mode, building a similar option in the car would build peace of mind. Finally, consider monetizing data, a long-time profit stream. Since Facebook or Instagram is a free service, auto buyers should not be paying for the same privilege. Rather, for purchasing a vehicle, the manufacturer should be rewarding the driver(s) who agree to give away their data.
There is no guarantee of the likes of a VW, Toyota, or GM from establishing this level of consumer empowerment at the expense of restricting the flow of telematic data. The more information that is harvested, the temptation to monetize it to their gain is greater, which is why a self-regulating body does not benefit the consumer. This dynamic frightens the Auto Care Association. Controlling the distribution and sharing of the data will result in less choices of repair facilities other than what the automaker suggests. By default, independent installers risk being shoved out of the marketplace.
A practical enforcement solution is to elevate the FTC whose primary role is to prosecute deceptive trade practices and misleading consumers about shared data. One shortcoming cited by The New York Times is that the FTC has limited resources and staffing to prove wrong doing. In the case of the Auto Care Association’s claims, the FTC needs compelling evidence showing how the automakers inflicted harm on the customers. A concerted effort to actively lobby for robust regulation where consumer control is balanced with advancing vehicle technology is desirable, but Congress is at an impasse with themselves to introduce legislation.
Perhaps when the damage is done or that documentation of abuse surfaces will Big Brother stand down. Sadly, in these events, it is the consumer who ends up hurt, but rarely the people who manage the social networks, data brokerage firms, or those inside the corporate suites. The easy way of course is for the manufacturers to make loud and clear improvements on the original pledge to the FTC by placing the right to consent atop the purchase contract. It is still early in the New Year for someone to take the high road.