Mandatory Car Black Boxes Proposed: Privacy Questions

  /     /     /  
Publicated : 22/11/2024   Category : security


Mandatory Car Black Boxes Proposed: Privacy Questions


NHTSA proposes that beginning in 2014, most cars would have to be fitted with data recorders. Consumer rights advocates say the measure includes few privacy protections.



Who Is Hacking U.S. Banks? 8 Facts (click image for larger view and for slideshow)
Is the country ready for black box data recorders inside consumers automobiles?
The National Highway Traffic Safety Administration (NHTSA) last week issued a
notice of proposed rulemaking
in the
Federal Register
, proposing that as of Sept. 1, 2014, all cars should be fitted with event data recorders (EDRs).
The agency is issuing this proposal because we believe that, without a regulation, EDRs will remain absent from the estimated 8% of the current light vehicle fleet that lacks an EDR, according to the
Federal Register
listing. We believe that requiring all light vehicles required to have frontal air bags to be equipped with EDRs would help improve vehicle safety for consumers, while imposing relatively limited costs on the automobile industry.
Consumers have until Feb. 11, 2013, to comment on the proposal. Already, however, the consumer rights group Electronic Privacy Information Center (EPIC)
warned that EDRs
record detailed information about drivers, which can be made available to insurance companies, the police, and others, and recommended that commentators urge the agency to strengthen privacy safeguards for data captured by any such devices.
[ Ready for driverless cars? Read
Google Autonomous Cars Get Green Light In California
. ]
But the NHTSA, in its proposal, suggested that any related data privacy safeguards would have to come via laws enacted by Congress -- none currently exist -- or state legislatures. While these issues are of continued importance in the public discussion on the use of EDR technology, as an agency, we do not have the statutory authority to address many of these privacy issues because they are generally matters of State and Federal law that we do not administer, said the NHTSA proposal.
To date, about a dozen states have passed laws governing how EDR data can be used. Most state laws
require automotive manufacturers
to disclose to new buyers when a vehicle contains an EDR, and also limit how collected data may be used or shared. Colorado law, for example, prohibits the release of event data unless the data is released to a motor vehicle safety and medical research entity or data processor in order to advance motor vehicle safety, security, or traffic management, unless the release of that information is ordered by a court, or else the vehicles owner simply consents to it being used.
This isnt the NHTSAs first foray into EDR standards. Notably, the agency created an EDR regulation in 2006, and it went into effect on Sept. 1, 2012. But although that regulation specifies how recorders should capture and store information -- as well as crash survivability requirements -- it doesnt mandate the installation of EDRs.
Why bother capturing vehicle data? According to the NHTSA, having access to EDR data could improve vehicle safety both now and in the future, not least by allowing the agency to examine the effectiveness of the latest safety features. It is important to have EDR data relating to the crash experiences of vehicles with these advanced safety systems so that the agency can, at the earliest possible time, gather enough information about emerging advanced technologies to conduct reliable analyses and make policy judgments, said the proposal.
Additionally, the agencys experience in handling unintended acceleration and pedal entrapment allegations has demonstrated that EDR data from a particular vehicle model can have significant value to both the agency and the vehicles manufacturer to identify and address safety concerns associated with possible defects in the design or performance of the vehicle, it said.
Recent breaches have tarnished digital certificates, the Web security technology. The new, all-digital
Digital Certificates
issue of Dark Reading gives five reasons to keep it going. (Free registration required.)

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Mandatory Car Black Boxes Proposed: Privacy Questions