Self-Driving Car Riders’ Privacy ‘Unsafe at Any Speed’ in New House Legislation

DETROIT, MI - JANUARY 8: John Krafcik, CEO of Waymo, debuts a customized Chrysler Pacifica Hybrid that will be used for Google's autonomous vehicle program at the 2017 North American International Auto Show on January 8, 2017 in Detroit, Michigan. Approximately 5000 journalists from around the world and nearly 800,000 people are expected to attend the NAIAS between January 8th and January 22nd to see the more than 750 vehicles and numerous interactive displays. (Photo by Bill Pugliano/Getty Images)

John Krafcik, CEO of Waymo, debuts a customized Chrysler Pacifica Hybrid that will be used for Google’s autonomous vehicle program at the 2017 North American International Auto Show. Bill Pugliano/Getty Images

C-3PO tends to be most people’s first representation of a super smart robot. Star Wars’ beloved protocol droid acts very much as an individual, with its own distinct personality. The films never address the question, but C-3PO’s intellgence appears to reside entirely on the droid’s CPU.

But when artificially intelligent machines become prevalent here in the real world, they won’t work like that at all. Self-driving cars won’t really drive themselves. They will be driven largely by brains in the cloud.

The U.S. House of Representative’s unanimously passed a bill this week offered by Ohio’s Rep. Bob Latta, greenlighting the deployment of autonomous vehicles. Key leaders in the Senate have expressed an appetite for such legislation, but its language on riders’ privacy looks inadequate to some advocates.

All the cars’ many sensors will beam information gathered directly to online navigation systems. That’s piles of data about road conditions, weather and other cars on the road. Those logs can be directly associated with the people riding in the car. It’s the simplest pieces of data about each trip that are probably the most revealing: where it started, where it ended and who was in the car.

Here’s a few instances when simple route information could reveal too much:

  • Lots of trips taking place between two competing companies could suggest a merger deal underway,
  • If one firm has lots of specialized accountants and lawyers visiting, that could indicate there’s trouble on its books or
  • If one employee has taken multiple trips to another company’s office, that could indicate that they are in talks to switch jobs.

Sound paranoid? It shouldn’t, because we’ve seen it before.

Security researchers were able to easily identify individual taxi cabs in a pool of data about trips and fares collected by the New York Taxi and Limousine Commission. Then, by using images captured by photographers and social media, they could identify specific trips taken by celebrities (and how much they tipped).

Self-driving cars have a great deal of promise for mitigating traffic deaths, lowering the cost of transportation and reducing traffic, but they risk exposing people’s secrets, too.

Considering having an affair? Better buy a bicycle.

The current version of the legislation requires all autonomous or partially autonomous vehicles to have a plan for the data that it collects about the people in its cars. The main protection it offers consumers is this: the company has to give them some idea of what it’s doing with the data it gathers about them (including sharing it with other companies). It also requires the Federal Trade Commission to look into the issue.

“Privacy plans are not a substitute for privacy protections,” Marc Rotenberg, president of the Electronic Privacy Information Center wrote the Observer in an email. EPIC issued a statement on the bill Thursday, noting in particular that the law preempts state law, making it impossible for forward-thinking states to hold vehicle makers to a higher standard (as California has consistently done with automobile emissions rules).

“The Senate will need to look at these issues more closely. Right now, autonomous vehicles are ‘unsafe at any speed,’” Rotenberg wrote (link added).

John Verdi of the Future of Privacy Forum saw the legislation as a net positive. He wrote the Observer in an email, “Connected cars are increasingly sitting in American driveways and operating on roadways. The privacy requirements are important first steps in ensuring that drivers’ privacy is protected while they enjoy the massive potential safety and environmental benefits of connected vehicles.”

Verdi added that leading automakers have signed onto voluntary principles that require them to seek affirmative consent for sharing more sensitive data. Which is good, but non-obligatory commitments could erode quickly as robot-driven rubber actually hits internet-connected roads.

LOS ANGELES, CA - NOVEMBER 17: Radar sensors are seen on a car equipped with LIDAR, radar, cameras and GPS units using PolySync autonomy system development for creating and deploying driverless vehicles during the four-day auto trade show AutoMobility LA at the Los Angeles Convention Center on November 17, 2016 in Los Angeles, California. AutoMobility LA precedes the ten-day LA Auto Show, open to the public November 18 through 27. (Photo by David McNew/Getty Images)

Radar sensors are seen on a car equipped with LIDAR, radar, cameras and GPS units using PolySync autonomy system in November 2016. David McNew/Getty Images

Privacy International helped us compare the SELF-DRIVE Act’s standards to the basic privacy guidelines in Europe, under its General Data Protection Regulation (GDPR), which becomes enforceable next year.

In Europe, privacy policies have to include a privacy impact assessment, according to Ailidh Callander, a legal officer with the organization, who emailed the Observer via a spokesperson. Such an assessment would require “an assessment of the necessity and the proportionality of the processing and the risks to the rights and freedoms of the individual’s whose data is being processed,” she wrote.

She noted several particular deficiencies in the American legislation. For example, it never addresses deletion of data.

Privacy advocates tend to prefer for data to have a shelf life. But nothing in this legislation suggests that a record of your trip to the mini-mart ever needs to be deleted. And if it shares that data with a third party, who knows who else that company may share it with? In the end, it could be copied so many times that your embarrassing midnight ice cream run might never be lost to history.

Callander added that consumers should have the ability to see the particulars of data carmakers collect, as well as the right to review, challenge and erase that data. Further, consumers should not simply be informed that data is shared, but how much of it, with which organizations and why.

Lastly, Privacy International suggested that consumers should also have a way to contact someone at the company that collects data about their rides.

Rep. Latta’s office referred the Observer’s questions about privacy to staff at the House Energy and Commerce Committee, chaired by Rep. Greg Walden, of Oregon. The chairman’s office was not immediately available for comment. The legislation will need to be considered by the U.S. Senate before it can be sent to the White House for President Donald Trump’s signature.

C-3PO can choose to keep to keep your secrets (even if Princess Leia only trusted R2-D2), but real world robots have no choice but to share. Once shared, secrets get stored.

Yesterday, we learned that 143 million Americans’ sensitive personal information (the kind that enables identity theft) had been stolen from the credit reporting agency, Equifax. This follows breaches from Yahoo, Patreon and Ashley Madison, among many others. Even Facebook-owned Instagram let slip the contact information of its most famous users.

The private sector has proven a poor steward of very sensitive personal information, and it’s not hard to understand why. Protecting and deleting customer data falls on the expense side of the ledger, but selling, sharing and using data, that’s all potential revenue.