The Automotive Black Box Dilemma
Can Disruptive Technology Also Protect Privacy?
While the National Highway Traffic Safety Administration (NHTSA) was still studying Event Data Recorder (EDR) technology, the Institute of Electrical and Electronics Engineers (IEEE) issued in 2004 the first universal, voluntary standard specifying minimum performance characteristics for crash memory devices in cars, trucks, buses, ambulances and fire trucks.
IEEE Standard 1616 is an international standard written to help manufacturers build black boxes that record up to 86 data elements and survive a crash.
IEEE and others argued that NHTSA’s EDR regulations did not go far enough to protect owners’ privacy.
Thus in 2010, IEEE issued an amendment, Standard 1616a, which specifies a lockout system to block unauthorized access that could otherwise lead to data tampering, odometer fraud and VIN theft.
It reasoned that such steps were necessary to ensure that motorists would embrace EDR technology in the long run.
Under this lockout standard, the motorist holds a separate key that locks access to the OBD-II diagnostic connector (and with it the EDR download).
In a letter to the NHTSA Administrator, IEEE stated:
we believe public acceptance is crucial to the goals of this rulemaking… We agree with the findings of a National Academies study that noted “Paralleling the concerns over legal acceptability of EDRs are concerns over public acceptability. A consumer revolt against the installation of EDRs could negatively impact sales and/or lead manufacturers to offer owners the option to turn off their EDRs or even stop installation of them altogether. These options would seriously limit the amount of EDR data collected for research by personnel in law enforcement, insurance, government, manufacturing and education.”
Such systems already exist: the IEEE Standards Association (IEEE-SA) published IEEE 1616a as a global standard for safeguarding access to crash data.
In 2017, in the first Florida appellate case on the question (State v. Worsham, Florida Fourth District Court of Appeal), the court considered whether a warrant is required to search the EDR of an impounded vehicle.
The court analogized the EDR to other electronic storage devices, such as cell phones.
The court noted that because modern technology allows large quantities of data to be stored on small, portable devices, requiring a warrant to search such devices has become an emerging trend.
The court (citing other cases) referred to the type of information that is stored on cell phones as “private and secret personal information” and having a “very personal and vast nature of…information.”
The court stated that although EDRs do not yet store the same quantity of information as cell phones, nor information of the same personal nature, the recorders do contain more than what owner-drivers voluntarily convey to the public.
The court also noted that extracting the data from an EDR is fairly difficult (it requires a data retrieval kit and a manufacturer-specific cable), which it found very persuasive to the argument that owner-drivers have an expectation of privacy in the EDR’s data.
The court stated that extracting and interpreting the information is not the same as looking at the tires or brakes of a car on a lift; because the data is difficult to extract and interpret, there is a reasonable expectation of privacy in that information.
The court stated, “Just as cell phones evolved to contain more and more personal information, as the electronic systems in cars have gotten more complex, the data recorders are able to record more information.
The difficulty in extracting such information buttresses an expectation of privacy.”
In sum, the court reasoned that because 1) EDR data is difficult to access, and 2) it reveals more than what is normally exposed to the public, the defendant had a reasonable expectation of privacy in the EDR, and police should have obtained a search warrant before searching it.
Soon a Georgia Supreme Court case will decide either 1) that law enforcement can download crash data at the crash site without the owner’s knowledge or permission, and that doing so does not violate the motorist’s Fourth Amendment protections, or 2) that law enforcement cannot access the crash data without permission, or only with a warrant based on probable cause.
Either outcome in Georgia (police can or police cannot) will mean little to motorists across America, because it is still the ‘wild west era’ without adequate nationwide consumer protection.
It’s time for change! Here’s a solution.
Put as simply as possible: you can safeguard the integrity and authenticity of your data with a connector lock that you install before a crash, or that someone else, with your permission, installs for you after one.
The vehicle cyber security device essentially puts a lock on your vehicle’s Diagnostic Link Connector (DLC) port, usually located under the dash near the steering column.
Once attached, you control, within the limits of federal and state law, who accesses the data and when.
This is a simple way to give vehicle owners consumer protection at crash sites. It uses a Near Field Communication (NFC) enabled cell phone, a glove-compartment place card and a sun-visor label that warn anyone against downloading crash data, while also allowing others, such as law enforcement, first responders or tow-truck drivers, to lock data access (think of the yellow tape used to secure evidence).
Window of Opportunity
The cybersecurity goal is to control access to the data during the “window of opportunity” for hacking, deleting or altering it: the interval between the crash and the download of the data by an entity the court trusts.
You can safeguard your EDR data within the limits of state and federal law.
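The device described above is a mechanical lock on the DLC connector with an NFC phone and warning cards; it has no software of its own. As an added illustration, not part of the original page or the product it describes, the Python below models the access policy the text lays out (anyone at the scene may lock, only the owner's key releases, downloads are refused while locked, every attempt is logged) and adds one assumption the page does not make: an HMAC seal taken at lock time, so the court-trusted downloader can detect whether the data was altered during the window of opportunity. The EDR snapshot, the VIN and the owner key are constructed sample values.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed EDR snapshot: a handful of pre-crash elements of the kind an
# IEEE 1616 data dictionary lists. Every value here is made up for the example.
SAMPLE_EDR: Dict[str, object] = {
    "vin": "1HGCM82633A004352",               # sample VIN, not a real vehicle
    "speed_kph": [88, 86, 71, 42, 0],          # last five samples before impact
    "brake_applied": [False, False, True, True, True],
    "seatbelt_driver": True,
    "delta_v_kph": 37,
}


@dataclass
class ConnectorLock:
    """Policy model of a DLC connector lock (example code, not the page's product).

    engage():   anyone present may lock (tow-truck driver, first responder).
    release():  only a presenter of the owner's key can unlock.
    download(): refused while locked; every attempt lands in the audit log.
    The HMAC seal is an added assumption: it is taken when the lock is engaged
    so that alteration inside the window of opportunity becomes detectable.
    """
    owner_key: bytes
    edr: Dict[str, object]
    locked: bool = False
    seal: Optional[str] = None
    log: List[str] = field(default_factory=list)

    def _tag(self) -> str:
        # Canonical JSON so the same data always yields the same tag.
        canon = json.dumps(self.edr, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self.owner_key, canon, hashlib.sha256).hexdigest()

    def engage(self, actor: str) -> None:
        self.locked = True
        self.seal = self._tag()
        self.log.append(f"LOCK by {actor}")

    def release(self, actor: str, presented_key: bytes) -> bool:
        # Constant-time comparison; wrong keys are logged but never accepted.
        if not hmac.compare_digest(presented_key, self.owner_key):
            self.log.append(f"RELEASE DENIED to {actor}")
            return False
        self.locked = False
        self.log.append(f"UNLOCK by {actor}")
        return True

    def download(self, actor: str) -> Optional[Dict[str, object]]:
        if self.locked:
            self.log.append(f"DOWNLOAD REFUSED to {actor}")
            return None
        self.log.append(f"DOWNLOAD by {actor}")
        return dict(self.edr)

    def seal_intact(self) -> bool:
        """True if the data still matches the seal taken when the lock was engaged."""
        return self.seal is not None and hmac.compare_digest(self.seal, self._tag())


def crash_scene_scenario(tamper: bool = False) -> dict:
    """Walk the window of opportunity: crash, lock, blocked reads, trusted download."""
    owner_key = b"owner-secret-held-on-nfc-phone"  # constructed; use a CSPRNG in practice
    lock = ConnectorLock(owner_key=owner_key, edr=dict(SAMPLE_EDR))

    lock.engage("tow-truck driver")                     # locked at the scene
    refused = lock.download("roadside reader")          # blocked while locked
    bad_release = lock.release("roadside reader", b"guess")
    if tamper:
        lock.edr["speed_kph"] = [40, 40, 40, 40, 0]     # alteration inside the window
    lock.release("owner", owner_key)                    # owner authorises the download
    data = lock.download("court-trusted downloader")
    return {
        "refused_while_locked": refused is None,
        "wrong_key_rejected": not bad_release,
        "downloaded": data is not None,
        "seal_intact": lock.seal_intact(),
        "log": lock.log,
    }


if __name__ == "__main__":
    for line in crash_scene_scenario(tamper=True)["log"]:
        print(line)
```

Run with `tamper=False` and the seal verifies at download time; run with `tamper=True` and the download still succeeds (the owner released the lock) but `seal_intact()` returns False, which is the point: the lock controls who reads, and the seal tells the trusted downloader whether what they read is what was recorded.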