Connected/ Automated Vehicle Privacy Issues: Lessons From Toll Highway Authorities

Download Connected/ Automated Vehicle Privacy Issues: Lessons From Toll Highway Authorities

Post on 26-May-2015




0 download

Embed Size (px)


Presentation for the 2014 Transportation Law Workshop looks at the way vehicle and customer information is being collected by toll highway and other transportation authorities through methods that include: (i) electronic toll collection; (ii) automated license plate readers; (iii) roadway cameras; and (iv) vehicle "black boxes." Presentation suggests that transportation lawyers will have to become experts in privacy issues because transportation agencies will be privy to massive amounts of roadway user trip data and other such information. Toll highways have a head start because these have been collecting payment information and trip data from their customers for over a decade. Their experience will help inform how transportation agencies will deal with the increasing amounts of data generated and shared by connected vehicles.


<ul><li> 1. Connected/Automated Vehicles Privacy Issues 53rd Annual Transportation Law Workshop Thomas J. Bamonte (@TomBamonte) General Counsel July 14, 2014 </li></ul> <p> 2. 2 Overview 3. 3 Overview of Highway Tolling Toll highways/bridges in over 30 states 2,900 miles of tolled interstates in 21 states 5+ billion trips handled annually Tolls = approx. 30% of federal gas tax revenue Industry moving to all electronic tolling (AET) AET makes tolling a more viable alternative to gas tax funding 4. 4 U.S. Toll Highway Network 5. 5 Mechanics of Electronic Tolling 6. 6 Growing Transponder Account Customers 7. 7 Pay-by-Plate Customers 8. 8 Trip Data Collection 9. 9 Emerging Tolling Methods 10. 10 Toll Violation Enforcement: ALPR 11. 11 HOT Lane Enforcement 12. 12 Continual Video Coverage 13. 13 Black Box Event Data Recorders Capture crash-related data o Pre-crash vehicle dynamics and system status o Driver inputs o Vehicle crash signature o Restraint usage/deployment status o Post-crash data such as the activation of an automatic collision notification system Installed in most vehicles NTHSA mandate forward 14. 14 Highway User Information Collected Customer Account Home address Personal financial information (Non)payment information Vehicle ID license plate and VIN Vehicle Occupant Data Travel Pattern Data Time, place, direction, vehicle Speed derived Years of data Vehicle Operation &amp; Event Data 15. 15 Current Protections of Tollway User Privacy Contract: Transponder customer agreements Customer account and trip data shielded from general disclosure; use allowed o When conducting tolling business o In response to court order (e.g., warrant) o When aggregated (e.g., studies) o High data protection standards in place (e.g., PCI compliance) 16. 16 State Law Protections Customer account information &amp; trip data = FOIA exception Mandated privacy policies &amp; data security requirements Laws governing ownership &amp; use of event data recorders General data security &amp; breach notice requirements ALPR regulation 17. 17 Federal Law Protections Drivers Privacy Protection Act Various consumer law protections Federal legislation introduced to protect locational privacy including vehicles Jones &amp; Riley decisions 18. 18 Emerging Privacy Challenges Vehicle as Cellphone on Wheels 19. 19 Vehicle as Data Generator 20. 20 Vehicle Data Mining and Rewards Drivewise by 21. 21 Driver Fitness Monitoring 22. 22 Vehicle-to-Merchant Data Mining/Use Google Car as platform for searches Vehicle displays targeted advertising from nearby merchants iBeacon for automobiles Consumer data privacy issues similar to other devices/platforms 23. 23 Vehicle-to-Infrastructure Data Mining Highway authorities may have interest in harvesting data o Safety: Identify vehicles behaving erratically o Payment: Identify vehicles for toll payment o Enforcement: Identify stolen vehicles or vehicle involved in commission of crime o Identify: Hazardous situations (e.g., swerving around object) and communicate downstream o Traffic management: Immediate notice of slowdowns and congested areas 24. 24 Challenges: Unrelenting Gaze ALPR deployed widely but not regulated GPS data uploaded from smartphones 24/7 video surveillance Peering inside cars with infrared M2M data sharing Will surveillance state/economy prompt a consumer backlash? 25. 25 Conclusions Transportation lawyers will have to become privacy law experts Highway authorities becoming more like utilities w/ associated consumer business issues Toll highway authorities have head start on managing customer relationships &amp; protecting trip data Highway travel subject to intensive surveillance Patchwork of state laws may be reflective of limited public concerns about privacy to date That may change. . . . 26. 26 Established Principles Customer account and trip data shielded from general disclosure; use allowed: When conducting tolling business In response to court order (e.g., warrant) When aggregated/made anonymous (e.g., studies) High data protection standards (e.g., PCI compliance) Vehicle data belongs to vehicle owner No transfer of data to 3d parties w/out consent 27. 27 Lessons Highway authorities are increasingly high-volume consumer businesses with concrete Connected vehicle raises multiple privacy concerns not addressed by existing toll authority-customer framework Managing the technologies that put vehicle travel under an unrelenting gaze pose pressing challenges in near future 28. 28 What Lies Ahead: Connected Vehicles Connected vehicle applications provide connectivity: o Among vehicles to enable crash prevention o Between vehicles and the infrastructure to enable safety, mobility and environmental benefits o Among vehicles, infrastructure, and wireless devices to provide continuous real-time connectivity to all system users </p>


View more >