There was an echoing phrase several years ago in our industry: “It’s all about the data.” And, though the narrow context of that phrase was intended toward inventory and distribution data in the auto care business, nothing could be more true in the general sense these days, whether inside or outside our business. In our digital environment, where we live for text messaging and live chats, where it seems every aspect of our lives is do-able online, where tons of data of all types is collected and stored, it IS all about the data.
That’s particularly true of today’s high-tech vehicles, with various systems controlled by computers and sensors, all creating and collecting data continually, monitoring and adjusting every minute process of management of all the systems in the vehicles.
As noted in this space earlier this year, the folks at the Department of Defense’s DARPA unit (the Defense Advanced Research Projects Agency) demonstrated how someone could wirelessly hack into a car and take over its operation from the driver. In that demonstration, all aspects of the vehicle’s systems were able to be controlled remotely, from the wipers and horn down to the brakes and accelerator. Then again, just a little over a week ago, the folks at Wired magazine — working with a couple of computer hackers — made a big media splash, putting one of the magazine’s writers behind the wheel of a Jeep Cherokee that the hackers had full control over, using that remote connection to do everything from operate the entertainment system all the way to shutting down the engine while moving at highway speeds, and disabling the brakes totally while the vehicle was rolling in a parking lot.
On July 21, Sens. Edward Markey (D-MA) and Richard Blumenthal (D-CT) introduced the Security and Privacy in Your Car Act of 2015, or the SPY Car Act of 2015 (S. 1806). The bill directs NHTSA and the FTC to work in tandem to develop standards for data privacy and communicating data collection to consumers. Additionally, automakers would be required to meet any cybersecurity standards created by the agencies to protect against hacking and limit the access to drivers’ personal information.
According to a report from the folks at the Auto Care Association in their Capital Hill Report dated Jan. 27: “the SPY Car Act would require automakers to adhere to new data security standards by putting in place ‘reasonable measures’ to keep data secure when being stored on the vehicle, in off-board storage or in the transition of data communication from one location to another. These measures would also be communicated to vehicle owners or lessees through a new ‘cyber dashboard’ included on the information labels for all new motor vehicles.”
But a key part of this bill denotes that, when it comes to this data collected, it all belongs to the consumer, and those car-owner consumers must be allowed to deny data collection without the loss of functionality of such devices as the navigation system.
And the key factor in this type of legislation or regulatory action — in regard to the independent auto care industry — is that we maintain access to all that data so we have the ability to maintain or repair today’s computer-controlled cars safely and reasonably.
In too many arenas today, technology has been moving forward faster than our ability to recognize unintended consequences. Making these vehicles the way we do, to operate as efficiently as they do, has been a blessing and a boon in protecting the environment and making today’s vehicles fuel efficient. But, as we find the vulnerabilities in these smart systems, we need to acknowledge them, address them rapidly, and make sure the systems serve the consumer without potential harm.
And, all the while, we need to make sure the legislation and regulations keep the American consumer safe. We also need to look out for their freedom of choice — the freedom to have choices in who services their vehicles. That balance is certainly required.
Gary A. Molinaro