Slashdot Mirror

← Back to Stories (view on slashdot.org)

Carmakers Promise Not To Abuse Drivers' Privacy

Posted by timothy on from the how-far-can-you-throw-this-vehicle? dept.

schwit1 provides this excerpt from an Associated Press report: "Nineteen automakers accounting for most of the passenger cars and trucks sold in the U.S. have signed onto a set of principles they say will protect motorists' privacy in an era when computerized cars pass along more information about their drivers than many motorists realize. The principles were delivered in a letter Wednesday to the Federal Trade Commission, which has the authority to force corporations to live up to their promises to consumers. Industry officials say they want to assure their customers that the information that their cars stream back to automakers or that is downloaded from the vehicle's computers won't be handed over to authorities without a court order, sold to insurance companies or used to bombard them with ads for pizza parlors, gas stations or other businesses they drive past, without their permission. The principles also commit automakers to 'implement reasonable measures' to protect personal information from unauthorized access." Also at the Detroit News. Adds schwit1: "It's a meaningless gesture without being codified into law. A greedy car manufacturer or NSL trumps any 'set of principles'." The letter itself (PDF) isn't riveting, but it's more readable than some such documents, and all the promises it makes are a good reminder of just how much data modern cars can collect, and all the ways that it can be passed on.

8 of 98 comments (clear)

  1. Pinky swear? by i+kan+reed · · Score: 5, Insightful

    Will they take an oath? With they sign in blood? Will they promise their first born if they renege?

    A promise from corporations doesn't go very far.

    1. Re:Pinky swear? by gstoddart · · Score: 5, Insightful

      The check is in the mail. I promise I won't cum in your mouth. We promise we won't misuse your private data.

      None of these statements is worth a damn.

      The only solution is to not give it to them in the first place, and to have laws which dictate what they can and can't collect, and what they can do with it.

      This is why other countries have actual privacy legislation which spells this kind of stuff out. Because trusting promise of a corporation is moronic.

      This promise, or pledge, or PR stunt ... is neither legally binding nor particularly meaningful.

      --
      Lost at C:>. Found at C.
    2. Re:Pinky swear? by Dutch+Gun · · Score: 3, Insightful

      It's easy to be cynical and simply dismiss this as rubbish. Sure, most of this may be PR driven, but the fact is that ALL of the major automakers signed off on this document, and if any of them break their promise, it's also going to be a lot of PR damage for them. That equates into actual lost sales, if the damage is bad enough or sustained enough. Consumers are getting more and more privacy conscious, thanks in large part, no doubt, to some of our governments three-letter agencies.

      Here's the good news, and why we may be able to give automakers the benefit of the doubt until we spot evidence to the contrary: it's important to look at revenue models for companies when dealing with privacy and data issues. One of the big problems with Google and Facebook is that they have no product to sell other than your data. As such, you're never going to see much in the way of consumer privacy protection from these companies... ever. It's just not really possible. ISPs have plenty of revenue sources, but are generally in a non-competitive environment. As such, they've seen fit to track users for their browsing habits simply for the extra revenue, consumer privacy be damned. They can well afford to screw over their customers with high prices and horrible service, and there's little that people can do about it because there's often no real choice in providers for a given area.

      Auto-makers, on the other hand, are in a competitive market. Moreover, they're selling a high-value product for an actual profit. If an automaker decides to play fast and loose with the terms of this promise, people are likely to notice, and simply choose a make of car next time with a company they feel won't renege on their promises. Fortunately, there are plenty of carmakers to choose from. There's also a wide range of price points and features to choose from. You don't sell luxury goods by crapping all over on your customers - at least, not for the long haul.

      Most corporations are more than willing to write off a few of it's customers, although thanks to the internet, that's become more and more risky. However, in a competitive market, few corporations will screw over ALL of their customers, or they'll risk damaging their brand and risking market share. That's why they'll almost always back down when confronted with really bad PR.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    3. Re:Pinky swear? by i+kan+reed · · Score: 3, Insightful

      I too dislike unbridled cynicism.

      Of course, the problems with this line of reasoning, about PR disasters from breaking promises are:
      A. No one, not one major media organization, has a history of challenging companies on keeping promises
      B. They can abuse the data and call it non-abuse.
      C. Price and features are the driving motivators in the car purchase market, making "company PR" a pretty low concern, and even in that avenue, safety tends to matter more for PR than promise keeping.
      and
      D. Corporate promises last only as long as there's not more profit to be made from breaking them, no matter how big the cost is.

  2. If a corporation has to "promise"... by James-NSC · · Score: 4, Insightful

    ... it's because they've already broken it and are acting on the advice of legal and/or PR spin.
    Seriously, when was the last time a corporation promised you anything that they stuck to?

  3. License change? by gstoddart · · Score: 4, Insightful

    Industry officials say they want to assure their customers that the information that their cars stream back to automakers or that is downloaded from the vehicle's computers won't be handed over to authorities without a court order, sold to insurance companies or used to bombard them with ads for pizza parlors, gas stations or other businesses they drive past, without their permission.

    By continuing to use this service, you agree that your information may be provided to law enforcement at our discretion, provided to your insurer, sold to third parties, and used to provide advertising.

    See how easily they can change this?

    In an age where EULA changes by the issuer have been upheld, and when we're talking about your car (which you likely can't readily replace) ... in a few months they simply change the terms to read that you've given them permission.

    This is an entirely empty promise, and since it's software (and therefore licensed) they can change the terms any time they like.

    Tell you what, make it a law that you either have to provide a model which doesn't collect this data, or you have to remove the functionality when I take delivery if I ask you to.

    Other than that, I don't believe a damned thing you say.

    --
    Lost at C:>. Found at C.
  4. Re:"Court order"? by pla · · Score: 5, Insightful

    What does "court order" mean? Are they going to require an actual warrant, or will they just cough up your data on any request by a court? Because if a warrant ain't required, I ain't interested.

    Even if they do require a warrant, I ain't interested. They can keep their BS extra features that require tracking me. I can call AAA on my own. I can read a map on my own. I can remember to schedule my regular maintenance without automated reminders based on telemetry data.

    Free hint, automakers - Any feature that requires data to leave my car, I will actively disable. And even any feature that requires the car to log data locally, I will minimize to the greatest extent possible. I don't trust you, I don't trust the NSA, I don't trust the state government not to retroactively issue speeding tickets in a revenue-tight year (like they've already proven they will do with EZ-Pass type toll transponders - You know, the ones they promised (just like in TFA) they'd never use for anything other than paying your tolls).

    Someone want to get rich? Develop an ODBC-II dongle that erases my car's EDR every time I turn the car off... Or for that matter, continually if possible.

  5. It is worth less than that by aepervius · · Score: 3, Insightful

    I take their promise as in "we will pretend to protect your privacy while working hard with our legal department to find work around, and when we get caught, then it won't matter because we will have respected the "letter" of our promise even if we broke the spirit of it, and in the mean time we avoid laws which would force us to REALLY respect privacy."

    If an industry promise self regulation, you can bet it will be in their interrest, not in the one of the customer.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org