Driving data: Who owns it, who wants it, and how to protect it

The data generated by modern cars can be worth billions to those who harvest it. Vehicle makers, their competitors, insurance firms, researchers and big tech are among those wanting to harvest and access it. But will you make a cent from the data you have helped create as a motorist? And will your data be safe from use by third parties and government?

It’s an emerging issue with modern cars and trucks having dozens of sensors that some estimate generate up to 25 gigabytes of data per hour.

Newer cars are increasingly accumulating data about engine performance and temperature, brake performance, tyre pressure, fuel consumption, speed, acceleration, cornering, kilometres travelled, oil level, battery charge level and steering. Data can be generated about the performance of individual components.

There’s also potentially personal data such as your driving alertness, speed, routes and destinations, fill-up points and restaurants you visit, and with sensors making their way into seat belts, the number of passengers.

Cars also might provide real time data about the environment, such as where it is raining based on the use of wipers, or sensors on an axle that can alert road authorities to rough road conditions.

It’s your action of driving that generates this data, so you might expect if there is profit to be made from making it available, then you, the driver, should benefit.

READ MORE: Data fuelling self-driving cars | ‘Crack down on data harvest’

This is deja vu, a re-run of who owns the data generated by your phone or tablet. Google and Facebook got in early there, using our personal data for advertising and marketing in return for free services. Consumers didn’t make a deliberate choice to transact with these social media giants, the deal was thrust upon them.

As vehicle computers and sensors become more sophisticated, it is likely again the main beneficiaries of this data will be others such as car makers, car component manufacturers, insurers, and firms offering in-car entertainment and food ordering systems.

The underlying question is who owns the data generated by your car now?

Lyria Bennett Moses, professor in the Faculty of Law at UNSW and director, Allens Hub for Technology, Law and Innovation at UNSW Law, researches the relationship between technology and law. Professor Bennett Moses says no one generally owns it.

“In Australian law, in particular, there is no general ownership of information,” she says. “Information is not an object of property rights,” adding that you cannot own data in the way you might own a laptop, house or land.

However, there are ways to monetise data access. Under contract law, you can agree to give access to data you hold for a fee. And there are safeguards. Under privacy law, those who collect your data must tell you what they are using it for and restrict its use to that.

Car makers are already going beyond leveraging data about car performance to other uses.

Last year The Wall Street Journal reported that General Motors was launching a car-insurance business that would set insurance rates by tracking drivers’ behaviour. Those who obey speed limits and drive carefully attract cheaper rates. Data generated during an accident could be reviewed to speed up insurance claims.

The scheme is being piloted by some GM employees and is due for release in the US this year.

The WSJ also reported a scheme by Ford Motor Company to beam car data to an insurance exchange, again with the promise of cheaper insurance for better driving. It said research firm Berg Insights had predicted nearly 50 million policies of this type by 2023.

Management consultant McKinsey & Company has predicted that the data in cars may be a $US750bn market by 2030.

However, that cash may not be coming your way. Professor Bennett Moses says owners may have given car makers’ access to their vehicle’s data without realising it, as part of the sale contract.

There is also the issue of law enforcement access. Could drivers or car makers be forced to hand over their data to police? Could police check your car’s data for speeding offences and could the data be interrogated during an investigation to see whether that car was nearby a murder scene? What about crash analysis?

There’s not just the data generated by cars; the move towards controlling transport flow at a network level will see authorities increasingly capable of checking individual driver behaviour centrally. What are the right privacy settings for that?

NRMA spokesman Peter Khoury. Picture: AAP

Some are fighting the seeming inevitability of this. In the European Union the General Data Protection Regulation (GDPR) introduced in 2018 includes data generated by on-board devices as personal data.

“The technical link between the data and a vehicle also implies a link to the vehicle operator whether an individual or a company,” says a French transport IT article by Scaldis Conseil. “As a result, data from connected vehicles is almost always considered personal, at least when it comes to companies collecting data directly from the respective vehicles.”

That provides a legal starting point for car owners/drivers to gain back some control over the data they generate.

In Australia, Assistant Treasurer Michael Sukkar announced a year ago that the federal government was designing a mandatory information sharing scheme that would require car makers share vehicle data with independent repairers.

In the meantime the Productivity Commission has released an issues paper for its “Right To Repair” inquiry which focuses on the underlying issue of selecting your own repairer “including facilitating access to embedded software in consumer and other goods”. Initial submissions are due by February 1, 2021.

The National Transport Commission in November 2020 produced a policy paper that zeroed in on government access to vehicle-generated data and automated transport. It references the same underlying privacy concerns.

“Recognising that vehicle-generated data is still at the nascent stage of development in Australia and that stakeholders remain unclear on priorities, there is an opportunity for governments to adopt a new policy approach,” the paper’s forward says.

On the issue of privacy, it says: “There is a strong need to maintain user privacy and ensure proper handling and protection of vehicle-generated data. In our workshops we heard that the level of privacy risk varies greatly depending on the use case and the richness of granularity of data required for each use case.”

It also notes there are commercial sensitivities affecting industry’s willingness to share data.

Big tech is not wasting time in homing in on vehicle data collection, storage and analysis, an activity where billions are to be made.

Last year BlackBerry and Amazon revealed they are joining forces to develop and market BlackBerry’s intelligent vehicle data platform.

“Modern cars and trucks are built with thousands of parts from many different suppliers, so the challenge is that each hardware and software component produces siloed data in specialised formats,” BlackBerry says in a statement.

“Additionally, there are highly specific developer skills required to interact with this data, which limits abilities to innovate quickly and bring new solutions to market it.

“BlackBerry IVY will solve these challenges by applying machine learning to vehicle data to generate predictive insights and inferences.”

This will be welcomed by manufacturers keen to use vehicle data to improve their products, but how broad will this data collection activity be?

Road associations believe more needs to be done to protect and empower consumers.

NRMA spokesperson Peter Khoury says the right of owners to data generated by their vehicle is “the starting point” for discussion. He supports the government’s plan for a mandatory information sharing scheme.

“The fact that they (motorists) can‘t easily get a car serviced at the location of their choosing because they don’t have access to that data is worrying,” he tells The Australian. “But it goes beyond car servicing.

“Cars are basically computers on wheels now. There is all manner of data that is collected.

“I think it is not unreasonable to expect that the primary owner of that technology is the owner of the vehicle. That‘s not to say that data shouldn’t be used or can’t be used but you would need to go through the necessary data laws to ensure this is done properly.

“Work is being done now by the federal government with the legislation that’s being drafted to talk about the major mechanical elements of the data but I think we need to go well beyond that now.

“People are buying computers on wheels now, and with computers comes almost limitless data, and laws need to be introduced to ensure that data is protected.”

Posted in Features and tagged , , , .

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.