Privacy issues arising from technology often share more or less a similar story. A technology is usually developed with simple intentions to enhance a feature or perform a modest task. The fittest of those technologies survive to serve a wide set of users. However, as more information is logged and transmitted, a growing concern over privacy surfaces until that privacy issue devours the once simple technology. We have observed too many of these stories. Notably, each of the social networking sites that took turns in popularity were developed as a means to host personal opinions and connections. That never changed, except the discussion around privacy infringements exploded and profoundly affected the direction of the sites. The baton for the next debate seems to be handed over to On-Board Diagnostics (OBD). OBD is a device that is placed behind driver dashboards for the sake of collecting data on the car, such as whether or not tire pressure is low. But more features have been added with more to come. Addition of entertainment systems, cameras, and navigation devices contribute richer layers of data onto the OBD.
Originally developed to track maintenance information and later gas emissions, OBD is attracting mounting concern in its expanding capability to inflict some serious privacy violations. Much like the social network sites, OBD is becoming a lucrative source of rich data. In the case with cars, insurance agencies, advertisers, manufacturers, governments, and hackers all have an interest in the data contained in the OBD. For example, some insurance companies have used information from OBD to measure driving distance to determine discounts to drivers with low mileage. And other insurance companies are issuing monetary incentives for customers to submit information from their OBD. Manufactures can use the information to improve their cars and services. And governments can monitor and regulate traffic and gas emissions with the information. Advertisers can be guided with the information as well. Of course, the distribution of information to insurers and marketers seem trivial when you weigh the harm in a possible hacking incident.
As more OBDs are being loaded with internet connectivity functions, the vulnerability may be worsening. The types of information are no longer limited to whether or not your tires are low in pressure. More personal information such as your preference of music, number of passengers, and real time location. Location data can be used to infer your home address, school or office, choice of supermarkets, and maybe even your religious views or night life habits. Cameras in and around the vehicles can supply streaming videos as well. While each of these devices are useful in enhancing driver and passenger experiences, the privacy and security concerns are indeed alarming. Moreover, OBD loaded on a “smart” car can collect more information more accurately, and share the information faster with a wider audience. Unlike those of smartphones, however, developers of smart cars face bigger challenges in keeping up with the rapid technological evolution. Also, even if choices were offered to turn off features of the OBD, many of them are still likely to remain on as safety concerns may override privacy concerns. The question of ownership of the information is also debated in the absence of clear rules and regulations.
A collaborative effort involving governments, manufacturers, and cybersecurity professionals is needed to address the privacy and security concerns arising from OBD. In the United States, senators introduced a bill “Security and Privacy in Your Car Act of 2015” that reads cars to be “equipped with reasonable measures to protect against hacking attacks.” However, the bill is too ambiguous and will be difficult to enforce in a standardized way. Manufacturers, while acknowledging the possible risks associated with OBD, are not fully up to speed on the matter. Federal and state governments need to take leadership, with the cooperation of manufacturers and security professionals, to make sure safe and reliable automobiles are delivered to customers. How we collectively approach the issue will certainly affect what cost we pay.