Who’s Driving Regulation for Connected Cars?



When Henry Ford released the Model T in 1908, do you think he imagined his innovation becoming what it is today? It’s impressive how far we’ve come from over a century ago. 

In today’s vehicles, microcomputers track our every move while going about our daily lives. Experts estimate that a car can produce up to 25 gigabytes of data an hour and up to 4,000 gigabytes a day. This goldmine of data could be worth up to $750 billion by the time 2030 rolls around! 

John Verdi is the Vice President at Future of Policy Forum, a think tank in DC, where one of their focuses is on this very topic. John says, “We’re cognizant that data protection challenges, privacy risks, privacy harms, are forever looming… our goal is to help craft best practices and other sorts of approaches to help maximize the benefits of data-driven technologies and minimize the risks.” John recently joined us on an episode of The Bistro to help us understand all the latest news swirling around data collection in our cars.

Up to this point, the efforts to safeguard consumers and businesses have been self-regulated by the automakers and a non-profit called Auto Alliance. The Automotive Consumer Privacy Protection Principles were established in 2014 and agreed upon by 20 different automakers. Every couple of years, they re-visit and revise the framework to keep up with the latest automotive innovations. Though our federal government has been called upon to form official legislation, they have yet to resolve this in the Senate due to language discrepancies within the bill. 

Lately, the European Union seems to be crossing the finish line first on this issue. The General Data Protection Regulation (GDPR) makes it clear that all car data does, in fact, belong to the vehicle owners. Furthermore, vehicular data is protected under the privacy laws established by the GDPR. 

Not only does this issue impact the car owners and the automakers, but it also could affect your local auto mechanic. The data collected is something that is necessary for your mechanic to assess maintenance or repairs. Normally, there’s a port they plug into to access all of your data. Repair shops fear that automakers could push to have this data port completely removed. If this occurs, it’s going to be a huge roadblock for mechanics to be able to access pertinent information needed to perform their services. 

Then there’s the third-party factor. When we say third parties, we are talking about law enforcement, retail groups, and anyone who would be interested in your data for their benefit. When it comes to this exchange, there isn’t a whole lot of clear standards for these scenarios. The Automotive Consumer Privacy Protection Principles say they have guidelines established for this purpose, but advocacy groups are concerned whether these are enough. 

It’s still unclear how regulation for data privacy in connected cars is going to roll out here in the states, but one thing is certain. Our cars are rolling computers. The quicker we have regulation, the less we will run into speed bumps on the road to data-driven cars. Speaking of, listen to our podcast for more great insight on all the need-to-know information!