Consumer Advocacy Group Demands Driving Data Be Controlled by Drivers

Matt Posky
by Matt Posky
consumer advocacy group demands driving data be controlled by drivers

The Global Alliance for Vehicle Data Access (GAVDA) has issued a letter to automotive manufacturers around the world to request consumers be given direct access to the data generated by the vehicles they drive. While the group is comprised of organizations representing rental agencies, car sharing, independent vehicle repair shops that also want access to the information, it’s likewise backed by several consumer advocacy groups that worry customers and small businesses are being taken advantage of.

At the core of the letter is a refutation of claims made in a June 3rd memo the Alliance for Automotive Innovation (AAI) sent to Congress. That group is an assemblage of the world’s largest industry players with an aim to monetize driving data as quickly as possible. It just so happens that the duo are diametrically opposed to how the government should handle user information.

Fair warning, my bias rests firmly in the right-to-repair camp, so I can’t pretend not to favor GAVDA here and won’t bother to try. But that doesn’t mean there aren’t lingering issues that need to be addressed or room for compromise. We also don’t know what we don’t know.

For example, the Alliance for Automotive Innovation warned Congress “a ballot initiative being pushed by outside parties in the Commonwealth of Massachusetts would force motor vehicle manufacturers to allow outside parties to be granted real-time, bi-directional access to vehicle data,” suggesting that the arrangement runs the risk of widespread cybersecurity issues — comparing it to the current pandemic.

This seems like a valid concern on its surface, if not slightly hyperbolic. Yet I’m not an expert in such matters, despite spending hours upon hours reading about them. However, if the risks truly were as dire as the AAI claims, one would assume the obvious solution would be not to harvest the data in the first place — but that would interfere with the automotive and tech industries’ long-term scheme.

“Vehicle manufacturers in North American and Europe continue to raise the ‘boogeyman’ of cybersecurity to intimidate legislators and regulators on the issue of access to vehicle data by vehicle owners,” Greg Scott, executive director of GAVDA, said in a statement to Automotive News. “The manufacturers know, and GAVDA members know, that vehicle owner access to vehicle data can and is being accomplished in a cybersecure manner and that the manufacturers’ actual goal is the commercialization of vehicle data to enhance their bottom lines at the expense of competition and consumer protection.”

Bingo. But does that mean opening up the data to third parties is a good idea?

That’s largely down to who has access. If your local repair shop is trustworthy and scrubs sensitive information between visits, then the danger is probably no greater than leaving it to be stored at the manufacturer’s data center. But if it’s irresponsible, then you may have just opened yourself up to unnecessary risk.

According to the law being proposed in Massachusetts, any vehicle sold within the state that transmits data back to the manufacturer after 2022 will be legally obligated to have a standardized, open-access data platform equipped. This will allow third parties and customers to have more direct control over their vehicles, which the Alliance for Automotive Innovation claims creates an unnecessary vulnerability. But it’s not supposed to be a data buffet. Owners would have direct access to all mechanical information amassed via a mobile application and could then authorize repair facilities (or whoever else) access for diagnostic purposes.

From AN:

Under the proposed law, automakers would not be allowed to require authorization before vehicle owners, independent repair facilities or dealerships could access the data stored in the vehicle’s on-board diagnostic system, according to the bill’s text.

The alliance, which represents most major automakers in the U.S., argues the ballot initiative poses “cybersecurity, personal safety and privacy risks to the owner of the vehicle” and endangers others on the nation’s roadways.

“Simply put, while manufacturers remain committed to allowing consumers to decide where to take their vehicle for repair and maintenance needs, there is no scenario in which real-time, remote access by third parties would be necessary to diagnose or repair a vehicle,” the alliance said in the letter.

The official position of the Global Alliance for Vehicle Data Access is that customers are technically the ones creating and giving manufacturers permission to access the data (even if it’s not stated formally). As such, it “strongly supports the bidirectional, real-time control of motor vehicle data by motor vehicle owners.”

Meanwhile, the government (which nobody seems overly fond of these days) seems to be more in line with the AAI. NHTSA Deputy Administrator James Owens previously noted that 3rd parties need to be able to service automobiles, but essentially told Congress the Massachusetts bill was dangerous. Having watched the right-to-repair movement struggle over the last few years, I’ve no faith that the legislative branch will side against corporations on behalf of consumers and small business owners. However, I cannot state that the AAI’s cybersecurity claims are without merit — though I don’t actually believe they’ll be substantially more responsible in handling the data. This one is kind of a crummy situation in general where the consumer starts out with their privacy and DIY abilities already being whittled away.

[Image: CAT SCAPE/Shutterstock]

Join the conversation
3 of 8 comments
  • Turbo_awd Turbo_awd on Sep 05, 2020

    Almost makes me happy my Stinger doesn't have wifi.. less need to worry about it transmitting data back..

    • Mcs Mcs on Sep 05, 2020

      " less need to worry about it transmitting data back.." No problem. Millions of doorbell, security, dashboard, and traffic cams are doing just fine gathering data about you without the help of your car.

  • Anomaly149 Anomaly149 on Sep 05, 2020

    There are some good reasons to pause and really consider what you do with vehicle connectivity, and it's mostly because the average age of a car on the road is around "the release date of Windows 7". Extending the logic, around half of internet connected cars will be "Windows Vista SP2" or older. That's a hard problem; one that doesn't get easier when you have to figure out how to reasonably securely allow random third parties access to encryption keys.

  • Mike1041 At $300K per copy they may secure as much as 2 or 3 deposits of $1,000
  • Sgeffe Why on Earth can’t you just get the torque specs and do it yourself if you’re so-inclined?!
  • Sgeffe As was stated in another comment, the FAA nominee went down in flames. But the NTSB chairwoman certainly didn’t, and she’s certainly not qualified either!Lots of this kind of stuff going on both sides of the aisle—Ben Carson would have arguably made a better Surgeon General than HUD Secretary under Trump, for example.
  • Art Vandelay Interesting, the Polestar 2 I had as a rental utilized Android Automotive which is what GM said it is going to exclusively, yet it still offers Apple CarPlay according to this. Wonder if GM will do the same.
  • Stuart de Baker EVs just aren't ready for prime time for those with a single car and who take road trips. Being able to charge as soon as you arrive at a charging station, and even the chargers working on your car is a crapshoot. In the former case, you could have to wait for nearly an hour while someone else is charging.I also don't find EVs particularly fun to drive (I've driven a Tesla Model S and an Ionic 5.) I LOVE driving my '08 Civic (stick). I love the handling, the feel and responsiveness of the engine, the precise steering (the Michelin Pilot Ultra Sport tires help, but even with the snows on, the car is a joy). I have 152k on the clock, and hopefully another 25 years or so of driving (I was born early in the Eisenhower Administration and I have exceptionally healthy habits), and I'm going to try to keep the Civic for the duration.My Civic causes a less global warming emissions than some of these humongous battery operated trucks.