Slashdot Mirror
Black Boxes In Cars Raise Privacy Concerns
hessian writes "In the next few days, the National Highway Traffic Safety Administration is expected to propose long-delayed regulations requiring auto manufacturers to include event data recorders — better known as 'black boxes' — in all new cars and light trucks. But the agency is behind the curve. Automakers have been quietly tucking the devices, which automatically record the actions of drivers and the responses of their vehicles in a continuous information loop, into most new cars for years. Data collected by the recorders is increasingly showing up in lawsuits, criminal cases and high-profile accidents. Massachusetts Lt. Gov. Timothy Murray initially said that he wasn't speeding and that he was wearing his seat belt when he crashed a government-owned car last year. But the Ford Crown Victoria's data recorder told a different story: It showed the car was traveling more than 100 mph and Murray wasn't belted in."
The guy broke the law, tried to lie about it and now that's called privacy concern? Oh the hypocrisy.
Look, US can be a little old on those things. That's why I live in Europe where people are actually held responsible for their actions. You don't get to say it's a privacy concern if you go around driving over people and shoot them with a shotgun!
You know what, if you kill a guy with your car at least take responsibility and try to work it out with the police. Don't lie about it, you have no shame!
I was born and raised in Massachusetts and this is just the culture of the State Police. Anyone who regularly drives on the highways has been passed by a cruiser with it's lights off doing 90 in the passing lane. After his first lies didn't pan out he retcon'd a new story about being asleep that fit the black box data.
Could it not be used in the defense's favor as well? For example, to prove you came to a full stop or weren't speeding? You'd need a way to collect and save teh data so it's both available and admissible; but a sword can cut two ways.
I'm a consultant - I convert gibberish into cash-flow.
It is simple. As long as the black box does not automatically transmit the data, and as long as there are rules who, how and when they can access it (court order?). Then there is no privacy violation.
By stimulating the market for classic cars.
No black box in a Shelby roadster.
Okay, let me break this down for you easily.
1. Car makers can put whatever devices in their cars they want. It's up to you, the buyer, to either not buy cars with black boxes OR to petition your local/state/federal politicians to make selling cars with black boxes illegal. You have either choice, it's up to you.
2. Insurance companies can require black boxes in cars if they were factory installed in order to be insured. Though there may be laws that they might be breaking because many states require auto insurance, but I'm not a lawyer. Either way, again, two options: vote with your wallet or make this practice illegal by approaching your politicians.
3. The aforementioned black box information does not have to be admissible in court for criminal penalties, but insurance companies could black ball you for information obtained from the box. Also, affected victims do have the 100% right to go after you for CIVIL penalties related to any crashes. The only time the 'government' matters is when there is involvement of criminal penalty. A civil court could mandate that the black box information be passed over to the victimized parties for review, or the data retrieved from therein.
I like how people talk about 'right to privacy' but each example I've mentioned still falls 100% within the boundaries of privacy laws AND more importantly, the US Constitution. Remember, such 'rights' are only granted against GOVERNMENT, but private parties can require whatever the hell they want. You can bitch and moan up a storm about right to privacy and whatnot but remember, private parties have far more leniency compared to personal information. For example, a government might require a warrant to obtain information on you ; but a PI can do whatever they please. The only reason a PI is limited is because someone somewhere said it was fucked up and got laws added.
Paraphrased from a decade ago on Slashdot:
"That's the downside to driving around a 1500 lb chunk of steel and aluminum. You aren't allowed to hit anyone with it."
Why exactly does the office that hands out license plates need a large armed force driving patrol cars? Only in Massachusetts.
...of course, it becomes a 'privacy concern' to the government, when a government official is the one whose 'privacy' is being exposed.
You know, one of those 'elected public officials' who probably should have the least expectation of privacy from their voting public?
-Styopa
Not so much this guy. He drove a government-owned vehicle and has a public function so his duties include giving a good example, and so he has less expectation of privacy. And yes, I'd be inclined to allow law enforcement access to such data in the case of a deadly incident. Though "breaking the law" is debatable as road rules generally aren't "law", merely rules. Yes, there's usually a difference, though I haven't the faintest about the details of the road code(s) relevant to this.
But there is a privacy concern, and if you ignore the guy and his incident in TFA, it's pretty clear later on what the problem is. It's about adding recording devices to cars without the owners knowledge or consent. That was a problem before the law requiring this came into force, and it's still a problem now. There is also the problem of reliability of the things that may or may not be quite the same as the perception (electronic thus infallible, just like "biometrics" is generally taken to be infallible but is anything but). Aeronautical black boxes are tightly regulated. These things, not so much.
What if the storage fails in a way that shows incorrect data and you do end up in an accident when only driving 50 but the device showing you've been zigzagging and doing 90 (which you were just before it burned out, but on a privately owned racecourse a couple weeks prior)? Or what if someone manipulated the recorder to frame you? It's unlikely, but not impossible, and if this sort of thing is going to be used as evidence against the owner of the vehicle it had better have safeguards and tamper evidence mechanisms built-in.
And then there's the question of who owns the data and who may access it when, at what cost, how, that sort of thing. On top of that there's the problem of various promises made ("only use for law enforcement, honest!") when such promises are routinely broken in similar situations elsewhere.
So yeah, plenty of problems with this practice. The example isn't a particularly good one, but laws turning your car into evidence against you is a bit much, innit? Then just gimme a robotic car and have someone else be liable for its mistakes, thanks.
It really is only a matter of time before someone reverse engineers those recorders and proceeds with pushing their own data into it. It'd be fun to prime it with a speed record that draws convex shapes when plotted on a time-speed graph (with time as x-axis and speed as y-axis). Could probably prime it with an upright hand giving the middle finger for spite.
Dangerous driving is epidemic in the United States. This is a sensible response to a massive public health problem. What we really need is driverless cars and the abolition of consumer operation of vehicles, but in the meantime let's have:
(1) Much stricter licensing requirements, including mandatory defensive driving courses and road tests required for renewal, paid for by much higher license fees.
(2) Strict enforcement of traffic laws, including red light cameras and speeding cameras.
(3) A complete end to "right turn on red".
(4) Immediate loss of license for drivers at fault in any injury accident.
Driving is a licensed activity, like piloting an airplane. There is no expectation of privacy.
Looking at the picture of the car and having been in several high speed accidents I find it hard to believe he did not have his belt on. I got thrown out the back window of a Chevy Suburban in an accident where I was doing about 80mph and I got beat to hell and spent 2 weeks in the hospital. After that I started wearing my seat belt but didn't really slow down until years later. High speed accidents are unbelievably violent and often even people properly belted die or are seriously injured. I hit a guard rail at 50mph and even belted I couldn't believe how much it hurt. I had an 80 pound toolbox in the hatchback and it smashed through the backseat and crushed the passenger seat against the dash. Thankfully I was alone in the car. If this guy really wasn't wearing a seat belt then he's the luckiest SOB around.
The actions you take in your car bear a much higher risk if KILLING ME than the actions you take inside your home.
While most people don't secretly build bombs in their homes and blow themselves and their neighbors up, many, many people exercise negligence while driving which does kill (or badly injure) their neighbors (the highest cause of death is driving through your neighborhood).
So, this difference in risk and consequences justifies a difference in handling.
As a good driver who has been victimized by a bad driver who broke the law, crashed into me, lied about it, and managed to get ME ticketed for it, I am happy to accept a black box in my car. It can be used to demonstrate my innocence, and hopefully to prevent other drivers from driving as badly as they do.
I love my right to privacy, and I love YOUR right to privacy, in our homes and on our computers. But not while barreling around on public roads.
Wow. A government issue Ford POS can go 100 mph.
Is an off switch. I own the car right? I can do what I want to my car within the confins of the standards/laws for operational safety (brakes, tires, lights, inspection etc...) As a monitoring device, the black box has no proactive impact on safety, so I should be able to turn it off. The result is that data will neither be available to incriminate or prove my innocence should an accident occur. Freedom to make the choices that only impact me (and please sign this waiver if you want to be my passenger, thanks...) is fair.
Que the back room deals to unnecessarily intwine the car's engine management computer with the monitoring system, because blah blah blah, so sorry its technically impossible to turn it off...
I don't think this is per se a privacy issue because I think the word "privacy" has become overloaded to express concerns about surveillence and information. A lot of people would argue that, just as one should not be held to be witness against themselves, one's everyday devices should not be allowed to inform on them without their permission, either. That one should not be monitored and surveilled unless there is specific, a priori reason. That information, no matter how innocent, is more prone to abuse the more of it there is. These are concerns that are legitimate. Some people will argue that they are not properly "privacy" concerns and dismiss them out-of-hand. But mislabeling the concerns is not to make them trivial. The dedication to "the truth" that often drives these initiatives after more data is a cover for dedication to more information. "The truth," as it were, is a derivation from data and a function of human judgment. Always has been. And so long as information flows are asymmetric and the judging humans have authority over the judged, "the truth" will naturally be biased.
Just look at what you wrote, think about the meaning you were apparently trying to convey, then about what meaning was actually conveyed.
America's a big place with lots of different people. Some of them are interested in the wider world, some aren't. I've met some of the most ignorant (racist) and provincial people in Europe, but I don't extrapolate that to EVERY EUROPEAN.
The data needs to be in an open, defined format and standard. Everyone needs to be allowed to access it(think shade tree mechanic). Law enforcement needs at minimum a court order or warrant to access the data. Get those items codified and life will be ok.
Look up Inthinc. Their stuff has been snitching on idiot truckers and Mormon missionaries alike for a while now. The difference is their stuff talks back to warn you before the cop or blacktop do.
In a world of the blind, the one-eyed man is king--and the two-eyed man is a heretic.
Why is it assumed that the data recorded is always correct? For decades I've been driving cars with pieces of black tape over various always-on idiot lights that the dealer says he can't fix. All it takes is a dirty contact or bad connection for signals to be interrupted. Any time adverse data are found it should be mandatory to verify that that evidence is correct. Of course, that may be impossible after an accident and the verification failure will be blamed on the accident damage and the possibility that there was a prior signal fault will be ignored.
Every now and then the "Seatbelt not fastened" warning comes up despite the seat belt being completely secure.
Write "Without Prejudice" next to your signature the next time you renew your driver's license. That expresses the reservation of rights to not consent to automated enforcement.
And shove it up your ass. The U.S. operates this way because, and I'll point it out since you can't remember your own contintent's history, tyrants used to dictate our every move from 2,000 miles away, almost 300 years ago. We have certain freedoms which protect individual rights because of our experience with their abuse. Let's also point out that EUROPE is PARTICULARLY NEW on the INDIVIDUAL RIGHTS front. They couldn't completely come to terms with the concept until the 1950s European Convention on Human Rights was convened and votes to enact a large set of human rights regulations through out it's member countries.
By the way, we still don't trust high and mighty assholes that live 2,000 miles away.
For laws to be changed, we need to catch more politicians doing embarrassing things. It doesn't matter if it is when
* flying an airplane
* driving a car
* using the internet
* using a cell phone
We need to use tracking data to embarrass these people so they learn to pass laws to protect everyone.
The key here is not to lie about the circumstances, but to say nothing at all. Then the right to avoid such recording is justified. I am disappointed that there is no data on how to disable this device. Never open yourself to the police or public getting hold of such information. The main reason that these recording devices are place in car by manufactures is to protect the manufacture, not for the purpose of accident investigators. Of course, it works out that way anyway and I would also be highly suspicious of anyone in today's socialist bent society from not joining the government's insatiable desire to spy and gather information on everyone.
If anyone took the time to actually read about what happened they'd find out it appears that he fell asleep behind the wheel, which is why his speed jumped to 100 at the last moment. He was going 75 before that very early in the morning. A speed that 90% of the people around me do on the morning commute.
The investigation showed Murray was driving 75 miles per hour in the seconds leading up to the crash, which occurred before dawn on a stretch of Interstate 190 in Sterling. But his foot fell harder on the car’s accelerator, increasing his speed to 108 mph as he slid off the roadway and into a rock ledge, flipping twice. His speed was recorded at 92 mph upon impact with the ledge.
Use of data stored in Flight Data Recorders and Voice Recorders in the US are covered by laws that state they cannot be used for disciplinary or legal actions. They were installed for safety purposes to determine why accidents and incidents occur and to develop training and other controls to keep accidents from recurring.
The devices also must undergo a mandatory calibration and functionality check each year to assure their accuracy. Software updates are very strictly controlled and cannot be implemented by a vendor without going through a rigorous FAA validation procedure.
None of the above is true for motor vehicle data recorders. The car manufacturer is free to change the software and there are no periodic mandatory checks to assure the software is recording accurately or that the sensors feeding the recorders are accurate. How many times have you had a car malfunction because some emission sensor went bad without a "check engine" light? What did the car computer record about the sensor activity?
I say that we let the car recorders continue to be used but that they be banned from being used for legal or insurance reasons unless periodic, mandatory testing is required to assure they are accurate. Otherwise their testimony is just hearsay.
Franklin said essential liberty. Anarchists continually forget or ignore that. Being able to lie to the police (or hell, your parents) about how fast you were going, if your foot was on the brake or gas, etc, is not an essential liberty. If you don't like speed limits, seatbelt laws, and so on -- fight for those to be repealed.
There is about zero risk of abuse from systems like these, even if the data is broadcast openly and unprotected, live, while you're driving. For the most part, in fact, that is already happening. None of the information these devices records is information that is unavailable otherwise, except perhaps things like the seatbelts being fastened.
If these "black boxes" were installed (hidden away) in all new cars for years -- then why is the new law needed?
Since 1996 IIRC all new cars sold in Merika had to be equipped with a *Uniform Plug Interface* called OBD2 so independent mechanics and civilians could access the CPU and associated subCUs and sensors' information, and reset dash warning lights. They were in no way hidden away -- in fact, the position of the access plug is specified quite clearly in the reg so it will be easy to find.
ECUs that recorded events and kept a history in non-volatile memory had been in use for a long time but required proprietary connectors and software to access.
The courts have ruled in various ways over this; this new law seems to allow the use of data recorders dedicated to courtrooms instead of diagnostics.
And that's the problem, as I see it.
I use an OBD2-USB cable to use my computer to download (and potentially to upload changes to) this information.
The proposed law is quite different: It would allow the courts to impose self-incrimination.
The good part is this new device will be reverse-engineered, no matter what kind of protections are installed.
I was stopped by a full of attitude cop, for what he claimed was "speeding". Even though he had no radar gun, he claimed I was doing 50 in a 35mph zone. A lie, I was doing 35. I asked him how he determined that and he said he "paced" me. He was nosing around trying to find something to charge me with, when I said, well, I won't disagree with you, but my car has a data logger, so I guess we''l have to sort it out in court. He wheeled around with a mad look on his face and asked me to explain. I told him that the car records all operational information with a time stamp, (I was fibbing, but, hey, I knew the cop was wrong about speeding), and the data can be downloaded. This made him madder, and he demanded I open my trunk (he was off his rocker- I have a wagon). Then he yelled at me about how I can't record cops. I said, sorry, it's all automatic and it does not record conversations, just data and location, via GPS. Like how long I have been stopped here at this location, how fast I was going, and speeds linked to location, turn signal use, brake use and rate of braking, acceleration etc. He realized that he was in trouble, should he give me a ticket, and I produced the data in court, so he yelled at me for being on the road late at night and drove off. These things can work both ways, you know.
Republican leadership = Idiocracy
How hard is it to pull out a fuse and start the car? I have done this more times than I can count in order to reset the computer on a car in order to pass smog. It doesn't work anymore though, now they can tell that you've wiped the memory.
Your airbag control modules(ACM) runs a recording loop (5-10 sec)checking variables for the deployment of the airbag. After deployment it locks the loop (ready for later extraction). For accidents that takes a person(s) life (most likely totaling your vehicle), you contact your insurance company and make a claim, they yank the ACM to either support your claims or more likely to deny your claims. Also the NTSB like taking a peek at it also.
So how do you protect your privacy? Before calling your insurance company, (or before they get to the tow yard to yank your ACM) you can send someone to yank it out for you, or drill through it (it has to be replace when deployed anyhow!). They are normally located near passenger side firewall.
... I'm so glad I got to be a kid in the 80's. Not all of us survived, but we had some epic car rides.
100mph no belt a crash and he walks away?
One stray error is all it would take for the car to record your speed as 10,000mph. So what if the car reported "100mph unbelted"? Maybe he was going 25mph and the car multiplied his speed by 4? I've seen weirder fuckups, glitches and misfeatures from the auto industry - several of our vehicles have had electronics issues and "ghosts". If they can't even get electric windows to work reliably, how in the hell am I supposed to trust their black box again?
So how do you protect your privacy? Before calling your insurance company, (or before they get to the tow yard to yank your ACM) you can send someone to yank it out for you, or drill through it (it has to be replace when deployed anyhow!).
The fatality means your car will be impounded.
In any event, the tampering will be spotted in the blink of an eye. You can't possibly risk a jury verdict in civil or criminal court. But there is no damn food reason for anyone to cut you a deal when they can go for the max and almost certainly get it.
>If you are driving and you refuse a blood-alcohol test on
>the grounds of "self-incrimination", that won't buy you
>much in most states.
"As in many other states, Washington considers driving a privilege, not a right. Every person who applies for and obtains a driver's license in Washington State must agree to submit to a chemical test when placed under arrest for DUI, Physical Control, or Minor DUI. Thus, by the mere act of driving with a license in Washington you have automatically consented to taking such a test. Every state in the country has an implied consent law."
"Refusal to submit to a chemical test will result in a mandatory administrative license revocation by the DOL for at least one year."
Also, refusal to submit can and will be used you in a court of law.
Know your rights. And, know that if you are drinking and driving and impact anyone I know - my right and intention is to pull your stupid spine out and choke you with it.
I'm reminded of the old saw from Spiderman, tweaked for the digital age: "with great information comes great responsibility". There is no doubt that a black box recorder in an automobile can offer tremendous good. Just like nearly any other tool, there is also no question that such information could be used is ways of questionable good, or far worse. The problem we have is that information and information availability are increasing at a pace far outstripping our society's ability to set reasonable societal standards of ethics, not to mention procedural checks and balances, to govern its use.
These are only a first step.
There has also been clamoring for years by insurers and others to also require breath interlock devices on all vehicles, which would benefit handily from having these data recorders also.
Take it how you will, but I bet you anything, that by the model year 2018, there will probably have been a serious push to have those mandatory as well.
@Mindless Drivel: 100% of Twitter posts ever Tweeted.