Donate |

How your car is tracking you

You’re trading personal information for safety and convenience

Published: July 2014
Illustration: Post Typography

Many drivers have a strong, knee-jerk reaction to the idea of “black boxes” in cars. When the National Highway Traffic Safety Administration asked for public comments on a proposed rule that would require all cars to have an event data recorder, commonly called a black box, its website was swamped by more than a thousand comments from people who were concerned about the privacy implications.

  • “Big Brother is watching! No way should we allow ‘black boxes’ to be required on all new cars.”
  • "It is not the role of government to be spying on its citizens.”
  • “When the government starts making my car payment ... they can know where I’m driving.”

Invasive or not, the information captured by EDRs is just a trickle compared with the ever-growing stream of personal data flowing from our cars and electronic devices. Moreover, we often willingly trade that data for increased safety and convenience.

“Most people carry a cell phone, which is the most privacy-invading device in the world today,” Fred Cate, director of the Center for Applied Cybersecurity Research at Indiana University, said. “So before people go screaming to the state legislature over auto privacy, it’s worth at least keeping in mind that we have already given up that battle.”

What’s in the box?

EDRs are already used in 96 percent of new cars “to provide critical crash data that might not otherwise be available,” the NHTSA says. Contrary to what many people think, an EDR doesn’t transmit a constant flow of data from the car. According to the agency, it’s an electronic memory chip that records a continuous loop of information flowing from the car’s sensors and control modules. When a crash occurs, the EDR captures about 5 seconds of data before the event and less than 1 second after it. That includes how fast the car was moving, whether the brakes were applied, the timing of air-bag deployment, and safety-belt use. The data can be accessed only by connecting a special reader to the car.

That provides a wealth of information for auto-safety analysts and accident investi­gators, who can evaluate how a vehicle performed in very specific crash circumstances. Ultimately, drivers benefit from it through the safety advances in design and technology that will be used in later models.

A more immediate benefit is that the crash data can also help first responders decide where to send a crash victim for treatment. “We are really focused on what is the severity, what’s the time sensitivity, and what’s the predictability of all the potential injuries that someone can get in a car crash,” Joel Stitzel, Ph.D., a professor and chairman of the biomedical engineering department at Wake Forest University, said. “And how do we use that information to make the best decision about them?”

Still, there is concern about the accuracy of the data, who owns it, and how it’s being used. The NHTSA says that it considers the information the property of the vehicle owner, and automakers say that the data is accessed only with the owner’s consent.

But Sean Kane, president of Safety Research & Strategies, a company in Rehoboth, Mass., that studies product hazards, cautions that EDRs can be used against drivers in court cases and that sometimes the information doesn’t match the physical evidence in a crash. Also, insurance companies might ask for access when disputing a claim.

Fourteen states have EDR privacy protections in place. For the rest, “It’s the wild, Wild West, because people aren’t going by the rules and are grabbing the data for any reason they want,” Tom Kowalick of the Institute of Electrical and Electronics Engineers Standards Association said. People in those states are still protected by the Fourth Amendment, but it might not be enough.

“You’re never really secure until something gets put into law,” Jay Stanley, senior policy analyst at the American Civil Liberties Union, said.

In an attempt to bring about more clarity, the Driver Privacy Act was introduced in the U.S. Senate earlier this year. The act specifies that EDR information is the property of the car owner and that in most cases, it can’t be accessed without consent. For details on state laws, go to the National Conference of State Legislatures website, at ncsl.org.

Consumers Union, the policy and advocacy arm of Consumer Reports, says that having EDRs in all cars is an important step toward improving auto safety. But it also says that car owners should own the data and that the privacy concerns of consumers should be respected.

Remote connections

Modern telematics systems, such as GM’s OnStar, Mercedes-Benz’s Mbrace, and Hyundai’s BlueLink, can be a great aid to drivers. They can expedite help from first responders when there’s a crash, help the police track down a stolen vehicle, and find nearby gas stations or restaurants. They can also let automakers perform remote diagnostics of the car while you drive. If a “check engine” light goes on, an automaker could diagnose the problem, let you know what it means and what to do, and even schedule an appointment at a dealership.

Though EDRs capture only a few seconds of data, telematics systems provide a regular stream about a car’s location and other parameters. And it’s not clear what data is collected and what is done with it. Even automakers don’t seem sure about the best ways to use it.

“We’re in this dead space between getting cars connected and delivering a compelling value proposition for the customer to compensate them for surrendering their privacy,” Roger Lanctot, associate director at Strategy Analytics, a consulting company in Massachusetts that specializes in technology markets, said. He said he thinks that automakers should stop charging a subscription for those services, because the information gathered is worth more to them than it is to the customer. Instead, he says, crash notification and service scheduling should be free, and drivers should pay for the convenience features.

Telematics can also be used to update vehicle electronics systems remotely. Recently, Tesla updated the ride-height suspension in its Model S electric cars through a software push after an NHTSA investigation concerning fires caused by contact with road debris. Similarly, automakers could easily alert drivers about recalls or customer campaigns through the car, and even make safety upgrades without requiring the driver to go to a dealer.

The use of telematics data can be a slippery slope, though. In 2013, when the battery life of a Model S car was contested by a reporter for The New York Times, Tesla was able to produce data that appeared to show that he was draining the battery on purpose. The reporter argued that he was just having a hard time finding a charging station in the dark. In that instance, using the data at face value showed some holes. Is that happening to everyone or just reporters, Kane wonders. And are car companies unnecessarily tracking drivers without their knowledge?

Trading privacy for a discount

Illustration: Post Typography

Insurance companies are finding their own way to use telematics data to help drivers save money. A model called usage-based insurance allows consumers to reduce their premiums in exchange for providing driving data. State Farm’s Drive Safe & Save program gathers odometer readings through OnStar and Ford Sync subscriptions, and in exchange a discount is applied to those who travel less. State Farm also has its own monitoring system called In-Drive. A device is plugged into a car’s diagnostics port to collect data related to the distance driven, acceleration, braking, turns, time of day, and speed. Those factors are calculated to provide a discount between 1 and 50 percent. Drivers can see their grades online and earn more savings by improving their driving habits.

State Farm’s website says that the data is used only to calculate a driver’s discount. In an e-mail to Consumer Reports, the company claims that it isn’t used “for purposes of cancellation, nonrenewal, or surcharge of the auto policy.”

Progressive Insurance has a similar program called Snapshot, which uses a plug-in device to track how much you drive, what time of day, and how often you brake hard. An initial discount is given after 30 days and after six months of driving, the discount is recalculated and the device is sent back. Dave Pratt, Progressive’s general manager of usage-based insurance, says that the company saves the data it collects for research purposes, and that it’s “very unlikely we will ever share an individual’s personal information."  "But it’s useful to aggregate data,” he continued. Upon request, Progressive has provided automakers with a summary analysis of the collective data to help provide insights into driving behavior.

Critics are concerned about the motivation of insurers that offer those deals. “No insurance company has any interest in reducing profits,” Thilo Koslowski, vice president and lead automotive analyst at Gartner, an information technology research company, said. But there are other benefits to insurers. “Our goal is to attract good drivers and keep them as customers for a long time,” Pratt said. The data can also help insurers evaluate risk and set premiums.

Privacy down the road

In-car connectivity is still in its infancy, with more driver benefits to come and more privacy concerns to surface. Partnerships are booming between automakers and technology companies such as Apple, Facebook, and Google, although the car companies say they don’t share personal data with them.

Koslowski sees a future where the government aggregates data about where people drive and uses it to ease congestion or pollution. Automakers are looking for ways to make money from the data by matching personal information with advertising.

Going forward, drivers will probably see location-based ads on their cars’ infotainment screens, for example, that offer coupons or discounts for nearby outlets. “Everyone is looking for another stream of revenue, and data is our next stream,” Cate said.

“There are hundreds of billions of dollars of economic activity that are enabled by the car,” Lanctot said, “and it’s wide open.” Food, fuel, tires, parking, and more could be targeted. All will probably take advantage of location, customer information, driving behavior, and service history. But if automakers don’t get those messages right, “they will come across as crazy and alienating.”

Six ways to protect your data

Illustration: Post Typography

The connected features in today’s cars provide many benefits. They include using GPS navigation to get to a destination, pairing a phone to an audio system to play downloaded music or to easily answer calls, or using apps in an infotainment system to find food or gas stations. The trade-off is giving away some personal information. But there are ways to safeguard it.

  1. Stay anonymous. Don’t share self-identifying infor­mation such as your Facebook status or publicize your location on social media. Also, don’t store an address labeled “home” in a navigation system; instead, store the address of a public place.
  2. Scrub the data. When selling a car, clear the navigation system of recently visited addresses, or adjust the settings so that the system doesn’t save locations that you input. Don’t download contacts to the car’s phone system, and turn off the phone’s Bluetooth connection to the car when you exit. Keep in mind that a mechanic or valet could easily access personal information if your phone is within range.
  3. Read the fine print. Every company has a privacy policy, but many people don’t read it. “Pay very close attention when you order any kind of in-car services about what their privacy practices and policies are,” Jay Stanley, a senior policy analyst in the Washington, D.C., office of the American Civil Liberties Union, said. “And do not accept something you don’t want.” Consumers can use their market power to demand good privacy, he says.
  4. Cancel the data flow. If you’re selling a car that has a telematics system or if you decide not to use it anymore, contact the company to let it know. Confirm what happens after you opt out and what is done with previously collected data.
  5. Don’t leave a trail. If you’re concerned about the security of other information sent from your car, use cash instead of electronic toll-collection devices such as E-ZPass. Also, don’t just turn off your cell phone; take out the battery, because phones still have tracking capabilities even when they’re shut off.
  6. Think security. Don’t leave a portable GPS unit or any other electronic device in your car; take it with you. Lock your glove box if that’s where you keep your insurance and regis­tration information. And use a valet key instead of handing over your personal car keys.
Editor's Note: This article also appeared in the September 2014 issue of Consumer Reports magazine.
   

E-mail Newsletters

FREE e-mail Newsletters!
Choose from cars, safety, health, and more!
Already signed-up?
Manage your newsletters here too.

Cars News

Connect

and safety with
subscribers and fans

Follow us on:

Cars

Cars New Car Price Report
Find out what the dealers don't want you to know! Get dealer pricing information on a new car with the New Car Price Report.

Order Your Report

Mobile

Mobile Get Ratings on the go and compare
while you shop

Learn more