Privacy concerns in Autonomous Vehicles
There are many benefits due to Autonomous Vehicles. Please go through the post ‘Benefits of Autonomous Vehicles.’ However, as AVs collect camera images, video clips, biometric data, user contacts, location, speed, date and time, owner or passenger information, navigation history, etc., there is a risk to privacy.
Owner and Passenger Information
AVs collect a large amount of data, including the owner & passenger information, audio and video content inside the cabin and its surroundings, biometric data, map data, personal preference information such as seat inclination, temperature settings, etc. This information can identify drivers, passengers, and their activities with a high degree of certainty.
Location data
The data stored by an AV related to the destination, speed, route, date and time, etc., provide information about a user of when, where, and how a user travels over a period of time. This data can disclose the owner or passengers’ information on where they live, work, frequent stores, healthcare professional visits, restaurants, etc.
Sensors data
Personal information about AV users’ locations and on-road behavior may be valuable to various government and private sector entities, including law enforcement, news media, private investigators, and insurance companies.
AV sensors collect data relating to the operation of the vehicle as well as its surroundings. The AVs collect video and voice data of the people that they encounter without their knowledge or consent. It might not create a privacy issue if minimal data is collected for the AV operation and is discarded. But, AV might collect additional information as part of their new features roll out without the user’s knowledge, which happened in the case of Google gathering the Wi-Fi network and payload data¹ (passwords, email, and search history from open networks) during the Street View project.
Unencrypted data
AVs contain a lot of personal information, and that information needs to be encrypted. Otherwise, PII will be disclosed when an unauthorized user accesses that information. It was found that crashed Tesla vehicles (Model S, Model X, and Model-3), sold at junkyards and auctions, contained deeply personal and unencrypted data². They had information from drivers’ paired mobile devices and phonebooks calendar items and video showing what happened before the accident.
Cybersecurity issues
Vehicles are becoming big moving machines connected to the internet. The Automotive Edge Computing Consortium³ (founding members include AT&T, Ericsson, Intel, Microsoft, Google, Cisco, Oracle, and others) estimates that data traffic from an AV could surpass 10 exabytes per month by 2025⁴.
There can be many cybersecurity issues as hackers can steal AV data exploiting on-board unit vulnerabilities, software vulnerabilities, social engineering attacks, man-in-the-middle attacks, etc. There is no 100% full proof for any data; only the risk can be managed with proper security measures. AV hacking is demonstrated by university researchers who hacked into and stole a Tesla Model X in about two minutes⁵. They used a key fob, a Raspberry Pi, and a replacement engine control unit which cost around $200.
References
[1] https://www.theguardian.com/technology/2010/may/15/google-admits-storing-private-data
[4] https://aecc.org/wp-content/uploads/2019/04/AECC_White_Paper_v2.1_003.pdf
Thank you for reading! Please 👏and follow me if you liked this post, as it encourages me to write more!
