States Appear On The Frontier Of Your Car Privacy Protection

The future of automotive data privacy legislation in a nutshell


With the advancement in big data and cloud technologies, personal data privacy issue has become more urgent than ever.

Traditionally privacy-sensitive industries, such as healthcare and finance, have long been relying on legislation in terms of data privacy protection. However, though, as we are on the cusp of a tectonic shift in the way we deal with the sensitive information, it may need a substantial update.

For instance, healthcare has become a platform for introducing the IoT technologies. This means, for example, that health records will now be stored online to be easily accessed by the patients from their own devices. Though heavily protected, they may, theoretically, fall into the hands of the wrong people (careless employees, for example). It implies a totally different legal approach to data privacy protection has to be applied.

However, until a new legal foundation is created, consumer privacy is at risk. Legislation gaps inevitably cause situations when third-party brokers gain an unauthorized access to the sensitive data, and use it for targeted advertising of their goods and services, or in any other way they are not entitled to. Sounds scary, but nowadays, when practically every speck of information can be used to identify a particular person, we are as reachable to the bad guys as never before.

As technology is penetrating into each and every sphere of our life, more industries start facing the issue of protecting data privacy. The thing is that a smooth legislative path hasn’t yet been paved for them.

Pitfalls of the US privacy legislation

Let’s get one thing straight: there is no unified legal framework for data privacy protection in the US.

The data privacy protection forum held at MIT, in March 2016 manifested a split between the US lawmakers, Silicon Valley representatives, and tech industry lobbying organizations. Though, consumer data privacy remained a number one priority by default, representatives of tech companies voiced their concerns that too many regulations might hinder the technological progress.

The history of the legislators-manufacturers relationship in the context of data privacy showcased that the national government is likely to play safe when it comes to the technologies they are not well-versed in. In 2012 and 2015 respectively, the outgoing President Barak Obama - known for being tech-savvy - made two attempts to enable a set of privacy guidelines and principles known as the Consumer Privacy Bill of Rights. It would have advised manufacturers on how to deal with the sensitive information, and served as a protective shield for consumers. However, it was never enacted.

In the meantime, inventors driven by the mind-blowing opportunities of where technologies can take the mankind to are not willing to be restrained by the government hesitancy. Such major players as Google and Facebook support the vision that privacy issues should primarily be controlled by customers, while companies should make their privacy policies public to enlighten users on how their personal information is going to be handled. On the other hand, major Silicon Valley stakeholders are worried the new administration may want to have access to the users’ data. Here the consumer bill of rights might come in handy.

While debates between legislators and tech representatives are heating up, another question arises: what to do with those industries where the issue of personal data privacy protection has never lied on the surface till the moment?

New frontier

Let’s consider automobile industry. We are about to witness a revolution in the way we perceive transportation itself, and a vehicle as a means of transportation.

Modern cars are practically safe havens in terms of accident prevention, but instead, they have become too vulnerable to external intrusion. Infotainment systems and inbuilt tablets processing terabytes of road data, gathered by the recent telematics marvels 'open' the way to a car’s crucial parts, e.g. brakes or even engine. Besides, the data, such as the exact vehicle location, speed, remaining gasoline, etc., may be used for malicious purposes if it falls into villains’ hands. In case the driver uses his personal mobile device as a processing hub, all private information it contains is also at risk.

The challenge here is that if there should be some privacy regulation framework, it has to be created from scratch, and the attempts made by proactive and tech-savvy politicians haven’t yet brought any fruit.

In 2015, Senators Markey and Blumenthal proposed SPY Car Act, which marked one of the first tries to handle data privacy issues in the automotive on the national level. The bill suggested that manufacturers should install protective software in the cars to prevent driving information, including a car’s location, speed, position, and, most important, personal information from being accessed by unauthorized parties.

Had the act been enforced, manufacturers would have been obliged to provide car owners with the means of detecting and trumping unlawful access to sensitive information. Besides, car owners would have been notified about the collection of such information and provided with the opportunity to terminate it with some exemptions. In other words, a kind of a consumer’s consent to use personal information would have been required.

However, upon introducing, the bill immediately split the Senate into two adversarial groups. Those opposing the bill insisted the lawmakers would not be able to keep up with the rapidly advancing technologies, so industry players should first step up. Eventually, the Senate read the bill twice and referred it to the Committee on Commerce, Science, and Transportation.


While the national government is slightly reluctant and – let us be honest – a bit hulky to keep up with the digital marketplace, the states have appeared on the frontier of the modern automotive industry. Some of them, such as Nevada, California, and Pennsylvania have started cooperating with the car manufacturers and tech startups leading the 3rd transportation revolution, serving as the platforms for launching, testing, and introducing the brand-new automobile solutions.

It is hard to deny that the coming automobile revolution would change the way life is organized in the cities and the states as a whole. The industry developing with the supersonic pace would attract flows of investment, and transform the city environment according to the modern understanding of a livable city - focusing on people, not cars.

In this regard, early adopters would gain a competitive advantage against other, less tech-friendly states, in technological, infrastructural and, more important, legal senses. State governments would have to embark on a dialogue with the car industry players concerning data privacy regulation, and eventually, come up with a piece of legislature, thus, setting the pace for the rest.

It is obvious that at first, there would be a legislation patchwork. However, rather sooner than later, the disadvantages, both economic and legal, would surface. Companies relying on the fleet in their daily operation would find it extremely hard to expand nationally amid the lack of proper legislature, and the states lagging behind would have to catch up under the pressure of manufacturers and tech lobby, eventually making the national government follow. Thus, technological progress and desire to be competitive in the modern market would give a necessary impetus to the cumbersome legal behemoth.

Bill Peduto, the mayor of Pittsburgh, Pennsylvania, a platform for Uber’s tests of its self-driving Fords, said that regulation should never come before innovation. Probably, adopting a do-no-harm stance towards a rapidly advancing industry is not a bad idea so far.

Big data hype small

Read next:

Is Big Data Still Overhyped?