Vendors of auto dealer management systems must get written permission before they extract data from dealerships' computers and share that information with third parties, a new North Carolina law requires.
The mandate is part of a broader franchise law that takes effect Jan. 1.
"North Carolina is the first state to address" data mining, Jim Moors, a franchise attorney with the National Automobile Dealers Association, told Automotive News. "I think dealers in other states will look at the North Carolina law."
NADA sent a bulletin to members last month that advised them to review their computer contracts. Those contracts may give vendors access to dealership data such as vehicle service histories and sales records.
North Carolina lawmakers added the restriction on data mining to the franchise measure after dealers in the state complained that a unit of ADP Dealer Services was downloading data and selling it to Carfax Inc.
The dealers said they should be alerted anytime a vendor intends to mine and share data.
"The dealers had no idea this was happening," Robert Glaser, president of the North Carolina Automobile Dealers Association, told Automotive News. Glaser's organization lobbied for the legislation.
The law requires computer vendors to give dealers a list of all outside parties that may have access to dealership data. The measure applies the same rules on data access to automakers and their distributors.
The North Carolina legislation includes other provisions intended to protect dealers. They include: