Lawmakers move to block black box recorders in cars, DVR snooping
Legislators also have privacy concerns about DVR viewer tracking
Computerworld - Is your car watching your every move? Can the cable company track your DVR habits?
Those two privacy issues are bubbling up in Congress, where lawmakers this week filed bipartisan legislation that would give car owners control over data collected in black box-style recorders that may be required in all cars as soon as next year. The move follows a separate proposal made earlier this month that would block telecommunications companies from tracking viewer activity with new digital video recorder (DVR) technology.
Most new cars already have black boxes, known as event data recorders (EDRs), but manufacturers aren't required to inform vehicle owners about their existence or the data they collect, according to the lawmakers.
"For me, this is a basic issue of privacy," Rep. Mike Capuano (D-MA) said in a statement. "Consumers should have control over the information collected by event data recorders in their own vehicles and they should be able to exercise control over the recording function. Many consumers aren't even aware that this technology is already in most vehicles."
Last year, the National Highway Traffic Safety Administration (NHTSA) proposed a new standard that would require all light passenger vehicles (weighing 8,500 lbs or less) and motorcycles built on or after Sept. 1, 2014, to have EDRs. The recorders, while similar in function to black boxes in airplanes, record far less information.
In response to the proposed new rules, Capuano and Rep. Jim Sensenbrenner (R-WI) filed the "Black Box Privacy Protection Act" to give vehicle owners more control over the information collected through a car or motorcycle EDR. The legislation requires manufacturers to notify consumers if an EDR is installed in their vehicle, to disclose its data collection capabilities, and provide information on how data collected may be used.
The bill also gives vehicle owners control over the data. All data collected by an EDR becomes the property of the vehicle owner under this legislation. The bill would make it illegal for anyone other than the vehicle owner to download or retrieve information without owner consent or a court order.
The legislation also requires manufacturers to give consumers the option of controlling the recording function in future vehicles equipped with event data recorders.
"As a strong supporter of the Fourth Amendment and privacy rights, I believe vehicle owners should have ultimate control over information collected by their vehicle's black box, including what data is recorded and who has access to it," Sensenbrenner said.
According to the NHTSA, however, EDRs do not collect any personal identifying information or record conversations and do not run continuously. What they would record is:
- Vehicle speed;
- Whether the brakes were activated just before a crash;
- Crash forces at the moment of impact;
- Information about the state of the engine throttle;
- Air bag deployment timing and air bag readiness prior to the crash;
- Whether the vehicle occupant's seat belt was buckled.
"EDRs provide critical safety information that might not otherwise be available to NHTSA to evaluate what happened during a crash -- and what future steps could be taken to save lives and prevent injuries," said NHTSA Administrator David Strickland. "A broader EDR requirement would ensure the agency has the safety-related information it needs to determine what factors may contribute to crashes across all vehicle manufacturers."
But lawmakers said many consumers are not aware that this data could be used against them in civil or criminal proceedings, or by their insurer to increase rates.
No federal law exists to clarify the rights of a vehicle owner with respect to this recorded data, according to Capuano.
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts