As AVs Rev Up, the Data Privacy Fight Could Shift to Your Car
There are plenty of unknowns regarding the future of self-driving cars, but one thing is certain: the mobility industry will be fueled by data. And that means automotive companies will have to address many of the same privacy issues that Facebook, Google, and other social media and Internet firms are grappling with now.
By 2030, global revenues from automotive data-related services are expected to reach between $450 billion and $750 billion, according to a McKinsey report from 2016. By 2025, an estimated 700 million Internet-connected cars will collectively upload 10 million terabytes of automotive data per month. Four terabytes will processed each day, the McKinsey report predicts.
Given the volume of information involved, some mobility experts have taken to calling data “the new oil.” That takes into account the potential monetary value of all that consumer data generated by AVs and their riders, which will no doubt be profitable. But there are also unanswered questions about privacy and the pitfalls of sloppy vehicle data hygiene.
How will data privacy work in autonomous vehicles that belong to fleets or shared car networks, which will have a series of owners and riders over the life of the machine? Will our digital footprint travel with us from car to car, similar to the way it does today with our smartphones? How vulnerable will driverless cars be to outside hackers and identity thieves? How will companies process and store the data going back and forth between cloud-based servers and connected cars? And how will the tech industry contend with computers on wheels that also require strict safety (and perhaps privacy) regulations?
Companies such as Otonomo are already helping industry players navigate some of these issues. Lisa Joy Rosner, the Israel-based firm’s chief marketing officer, says her company’s automotive data services platform is a neutral entity that works with car and tech companies to “ingest, secure, cleanse, normalize, aggregate, and enrich automotive data from multiple sources.” She describes the platform as a sort of Rosetta Stone that can translate and “reshape” raw vehicle data, which differs depending on the make and model.
“As the Internet of Things proliferates, we expect everything to talk to each other in order to service us,” Rosner says. “We’ve had some early successes in the EU because our products are built for [regulatory] compliance from the ground up, but we have active engagements with pretty much all of the automotive manufacturers.”
The US lags far behind the EU in terms of data privacy laws, but that could change. Last year, former California Governor Jerry Brown signed the California Consumer Privacy Act, which gives residents more control over their personal data. With a $7,500 fine per violation and no cap on fines, Rosner expects it will lead to national changes on the privacy front. (The public comment period for the CCPA just ended last month, so its implementation is coming soon.)
In Rosner’s opinion, consumer desire for effective AV services means they will have to agree to share personal, private data—but that also means the companies providing mobility services will have to be able to prove their trustworthiness. When Otonomo surveyed connected car owners about the in-vehicle services they currently get, such as navigation instructions, almost everybody surveyed said they wanted them, and 80 percent said they were willing to share their personal data to access them.
“Overwhelmingly, people with connected cars want services,” Rosner notes. “When we ask them who they trust, 77 percent said they trust [the company that makes their car],” with banks being one of the only entities that scores higher than automakers. Given the high level of trust already, does that mean automotive companies have a unique opportunity to monetize vehicle and rider data?
“At Otonomo, we don’t look at it like monetization,” Rosner says. “We look at data like, how can we make it useful?” The idea that good data stewardship will lead to increased customer loyalty, the adoption of new services, and better returns on technology investments is perhaps the more important monetization angle to consider, she maintains—an idea she feels automakers are beginning to warm up to.
“AVs will be our living room, home office, and playground on wheels,” she adds, and that will require allowing mobility companies to access personal data. “The car will be like a smartphone, but right now, we’re only in flip phone territory.”
Gail Gottehrer, an attorney based in New York whose practice focuses on emerging technologies, says the law is always reactive, but new technology is proactive. “We’re getting to the point where [driverless] tech is almost ready to go, but a lack of clear laws or regulations is holding it back,” she says. “I advise companies what to do during the gap.”
Gottehrer says despite the lack of federal AV regulations—there are currently a patchwork of state laws governing the testing and operation of driverless cars—privacy is top of mind for companies developing self-driving vehicles. That’s been especially true since the EU last year enacted General Data Protection Regulation (GDPR), the legal framework that stipulates how its citizens’ personal information is collected and processed.
“I teach a class at Columbia, and my grad students are shocked by the amount the car knows about you, and that’s before you plug in the phone or a dongle collecting information,” she says.
In the future, AVs will likely know your gender, the kinds of content you consume, … Next Page »