Skip to content
Join our Newsletter
Join our Newsletter

Is your car spying on you?

In-vehicle computer systems raise some important privacy issues, B.C. group says
Vincent Gogolek, executive director of the B.C. Freedom of Information and Privacy Association, is concerned about the data being gathered by car companies through the vehicles GPS.

Is your car spying on you? Who owns the data collected in your vehicle’s GPS? If your phone connects to your dashboard, who else can access that information?

These will be among the questions tackled in a report due next week from the B.C. Freedom of Information and Privacy Association (FIPA), which they call a “major study on how our cars watch us.”

As in-car computer technology advances and becomes increasingly connected to larger networks, this represents a growing concern for drivers, car companies and privacy advocates, said Vincent Gogolek, FIPA’s executive director.

A car’s on-board computing systems could record data tracking where you are going, how long you’re there, and who you’re with, said Gogolek, adding: “Part of what we look at is data-sharing — who’s got access to that info? And for what purposes?”

The report’s findings will not be made public until next Wednesday, when the association will present it to media and stakeholders in a launch event timed to coincide with the Vancouver International Auto Show.

Vincent Gogolek, executive director of the B.C. Freedom of Information and Privacy Association spoke to The Province on Monday about the data being gathered by car companies through the vehicles GPS.

A car’s data — which Gogolek described as “an absolute treasure trove of information on individuals” — can be accessed by “a surprisingly large number of organizations,” he said.

“We’re trying to lay down broad principles and make recommendations that hopefully we can take forward,” said Gogolek, adding that from the start, FIPA had “a lot of co-operation” from the B.C. New Car Dealers Association.

“Nobody wants to have this thing turn into a situation where people are paranoid about their cars,” Gogolek said. The yearlong study was funded through the Federal Office of the Privacy Commissioner in Ottawa.

Tobi Cohen, a spokeswoman for the commissioner’s office, said the office is “actively following” the issue, “specifically the data collection made possible by the growing deployment of automotive sensors designed to gather data about driving habits, location, speed and other elements.

Potential privacy concerns include the transparency of this collection and the use of telematics data to establish insurance premiums and/or profiling activities.”

This month in Spain, at the world’s largest mobile industry exhibition, a Volvo executive told reporters that data privacy has become a top priority, alongside road safety.

In an emailed statement, Sascha Heiniger, director of strategic brand communication for Volvo said: “Volvo does not only want to protect its customers in the car (and others around the car) — but also puts a high emphasis on protecting the data of its car users. That is why all personal data related to the connected Volvo car belongs to the customer.”

“Nobody wants to have this thing turn into a situation where people are paranoid about their cars,” Vincent Gogolek says

Last year, a Ford executive issued a retraction and clarification, after causing controversy when he reportedly told a trade show audience in the U.S.: “We know everyone who breaks the law. We know exactly when you do it because we have a GPS sensor in your car.”

The new FIPA report focuses on the privacy concerns raised by connected cars, but also touches on the related topic of security and potential breaches, an issue examined in a recent report in the U.S.

Last month, U.S. Senator Edward J. Markey, of Massachusetts, released a study examining “a vehicle fleet that has fully adopted wireless technologies like Bluetooth and even wireless Internet access, but has not addressed the real possibilities of hacker infiltration into vehicle systems,” according to a statement from the senator’s office.

“Drivers have come to rely on these new technologies, but unfortunately the automakers haven’t done their part to protect us from cyber-attacks or privacy invasions.

“Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected,” Markey said in the statement. “We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers.”

One Vancouver-based fraud investigator said the new technology raises many alarms from a security standpoint, now that dashboard systems can connect with drivers’ phones, accessing contact lists and email inboxes, as cars increasingly become “computers on wheels.”

Part of Volvo's latest autonomous car initiative includes relaying data from 100 select XC90 SUVs to cloud storage, but company spokeswoman Sascha Heiniger says "all personal data related to the connected Volvo car belongs to the customer.”

“How safe is that data? How much are they actually storing? Who’s got access to it?” asked the investigator, who asked not be named for professional reasons. Another topic the FIPA report touches on is usage-based car insurance.

In Ontario, some car insurance companies already offer insurance coverage based on “personalized technology” that tracks when, how often, and how far a car is driven, but ICBC spokesman Adam Grossman said that’s not on the horizon for B.C.

“We have monitored this topic for a few years now and will continue to do so, but we don’t currently have any plans to offer this to our customers,” Grossman said in an email. “Of course, another big issue to consider is that all usage-based programs require some form of on-board technology to monitor driving habits, which some would consider a violation of their privacy.”

Key concerns

Four key “significant privacy concerns” the B.C. Freedom of Information and Privacy Association seeks to address in a new report on connected cars:

    • To what extent will car owners and drivers have a choice over how and when their vehicles are being tracked?
    •  What happens when use of wireless tracking technology becomes an industry norm? Will those who opt out pay a premium to maintain their privacy? Or will that option simply disappear?
    •  Will consumers be able to make truly informed decisions if the choice is between concrete benefits and real but elusive risks?
    •  Are there viable alternatives to what the automobile and insurance industries are developing that can provide the benefits consumers seek, while not sacrificing their rights?

— Source: B.C. FIPA