Like many, I have been a pretty committed viewer of 60 Minutes over the years. The award-winning television program, which debuted in 1968, has set itself apart from other news programs by using a unique style of reporter-centered investigation. There have been isolated instances of controversy over the years concerning a small handful of their stories – some automotive – but, over the course of the last 47 years, the reporting has been intriguing.
A couple of weeks ago, I found myself fascinated by a segment on the show that showed the efforts by the Department of Defense’s DARPA unit (the Defense Advanced Research Projects Agency) to prevent cyber-attacks and hacking. And within that segment was a demonstration of how someone could wirelessly hack into a car and take over its operation from the driver. In the demonstration, all aspects of the vehicle’s systems were able to be controlled remotely, from the wipers and horn down to the brakes and accelerator. Scary stuff.
Around the same time, Sen. Ed Markey (D-MA) released a report detailing the cyber vulnerabilities within today’s vehicles. According to a MEMA Washington Insider newsletter, last year Markey sent detailed letters to 20 major automakers seeking information about their efforts to protect vehicle data and prevent hacking into a car. It said his report concluded that, while nearly 100 percent of new vehicles use wireless technology, security measures to prevent remote access are inconsistent among the automakers and only two out of the 16 automakers who responded to Markey’s letter described “any capability to diagnose or meaningfully respond to an infiltration real time… .”
For this writer, though, these are just dramatic examples of an area of the automotive industry that may be moving faster than we are all able to comprehend: our high-tech vehicles and the question of who controls the data and computer-based systems built into today’s vehicles.
According to the MEMA Washington Insider, automaker industry groups are working together on addressing the technical aspect of these issues. Recently, an Information Sharing & Analysis Center (ISAC) was formed for the automotive industry, and MEMA member companies will be part of that process. The ISAC will work to collect and share information about cyber threats and vulnerabilities in motor vehicle electronics and associated in-vehicle networks. The ISAC recommendations will be shared with NHTSA and will result in industry standards designed to enhance the security of vehicle data systems.
Last month, Auto Care Association senior vice president of regulatory and government affairs Aaron Lowe wrote on this subject in his blog after visiting the Consumer Electronics Show in Las Vegas. From “flashy dashboards and cool apps that will help drivers find a parking space,” Lowe wrote, “car companies also talked about the large amounts of data that they will be able to obtain from vehicles through these telematics systems and how this data will help them ‘personalize’ the experience for motorists.” But there was little discussion from automakers about what could be done with the data, how the relationship between the car owner and the carmaker will develop from this data collection, and who controls the wealth of data.
This is a tremendously complex set of issues, and one that has endless implications legally, financially and morally. It will not be resolved in one legislative, judicial or regulatory move. The important thing, though, is for all of us – consumers included – to be part of the discussion and part of the resolution.
Gary A. Molinaro