Feds flash their badges on auto data

On the morning of Feb. 12, a collection of the auto industry's leading cybersecurity experts gathered at a sprawling FBI complex in Quantico, Va., to meet with an elite digital SWAT team called the Operational Technology Division.

Leaders of the division, which had famously pieced together cellphone videos to identify suspects in the 2013 Boston Marathon bombing, explained that they were interested in capturing connected-car data for investigations and outlined the requisite legal process, according to an agenda obtained by Automotive News.

The meeting, which included a tour of the Quantico complex, felt cordial and routine to people in attendance. It wasn't until a few days later -- when Apple Inc. publicly refused to help the FBI crack the password on an iPhone recovered from a shooter in the San Bernardino, Calif., terrorist attacks -- that the significance of the meeting began to sink in.

To some executives who attended the meeting in Quantico, the Apple-FBI standoff crystallized their understanding that data from connected cars, which hold huge value for the industry, could lead to conflict with law enforcement if not handled well.

By making private data available to law enforcement, instead of deleting it or masking personal information, automakers would run the risk of betraying customers' trust or inadvertently leaving a door open that hackers could exploit.

"I feel very uncomfortable with where we're at," said one industry official who attended the meeting in Quantico and asked not to be identified so as to speak openly. "There's a lot of pressure on the auto industry to do a better job with security. At the same time, we're being told by the government: "You guys are getting better at security, and that's messing us up.'"

The overtures to the auto industry by the FBI stem from the ever-increasing number of cars built with cellular connections. Automakers sold more than 11 million cars with telematics systems in the U.S. in 2015, up from 4 million in 2010, according to IHS Automotive. That number is projected to rise to 16.5 million by 2021, accounting for almost every new car sold.

With tens of millions of connected cars in service, automakers are collecting vast troves of data. Using those databases, they hope to spot technical problems early, build valuable new services for their customers and make money by selling aggregated, anonymized data to third parties.

Law-enforcement agencies have historically made scant use of data from cars, except when recovering black boxes for forensic purposes after car crashes. They have primarily turned to telecom companies to collect location data for suspects, using cell tower data to pinpoint a cellphone, said Stephen Tupper, an attorney who specializes in privacy at Dykema Gossett in suburban Detroit.

But as automakers build rich databases to get a deep understanding of customers' habits and preferences, they can expect more requests. 

"We're early enough in the life cycle of this technology that, frank-ly, law-enforcement organizations don't have the technical know-how or the wherewithal to make much sense of these data," Tupper said in an interview. "But I think that's going to be a short-lived situation. Law enforcement will get a lot better at that going forward." 

It isn't clear how often law-enforcement agencies currently request data from connected cars. Silicon Valley technology companies such as Google and Facebook tend to release "transparency reports" to show the frequency of government requests for information on their users, but automakers do not. 

"Your car essentially knows where you sleep, where you work, where you eat, where your kids go to school, if you go to church, if you're having an affair -- you name it," said Nate Cardozo, a staff attorney at the Electronic Frontier Foundation, a nonprofit devoted to civil liberties online. "But the OEMs are opaque. They don't tell us what they're collecting, they don't tell us with whom they're sharing it, and they don't tell us how often the government comes knocking."

There have been few court cases to shed light on government requests. The most revealing case, heard in 2003 by the 9th U.S. Circuit Court of Appeals, bore the cryptic name of The Company v. United States of America; the name of the automaker remained secret. In that case, the U.S. government sought to wiretap a suspect's car by placing an emergency call to the telematics system inside and muting the operator's line, allowing the government to listen to conversations inside the car.

The automaker pushed back. It argued that to snoop on the suspect, the automaker would need to interfere with the normal function of its telematics system, which was not required under U.S. wiretap law. The court agreed.

Tupper, the privacy attorney, said the laws are fairly clear on wiretaps of cellular connections because they were written for telephones. Yet there are no such laws for data collected from cars that lay out what the government may legally request.

"People won't adopt the technology if they think all this information is going to be available to the government or other private parties," Tupper said. "There's going to need to be a legislative solution, but I don't know what it's going to look like, and it's going to be really, really difficult."

In the absence of federal law, automakers have written their own guidelines. Rules released in 2014 by the Alliance of Automobile Manufacturers and the Association of Global Automakers say automakers shall disclose any collection of private data, store private data only as long as necessary for legitimate business uses and get permission before sharing private data for marketing.

The principles are "very direct in establishing that automakers will clearly state the limited circumstances when they may share information with the government," Wade Newton, a spokesman for the alliance, wrote in an e-mail.

If they are concerned about government inquiries, automakers could simply stop holding on to data. Even if scrubbed of private information, connected-car data could still be useful for broad insights, such as how many cars drive down a given road. But it would no longer be as useful to individual customers. By knowing customers' habits, automakers want to deliver valuable services, such as offering to navigate to a customer's preferred gas station when a car runs low on fuel.

That was the personal touch Toyota had in mind when it decided to form a data science arm called Toyota Connected at its new U.S. headquarters in Plano, Texas. The division's job is to build in-car services that learn from customers' habits, while also monetizing the data by offering it to dealers, distributors and other partners.

If they wish to reap the benefits of connected-car data, automakers can't afford to betray customers' trust, said Jon Allen, a consultant at Booz Allen Hamilton who helped build the Auto ISAC, a database used by automakers and suppliers to share information on potential cyberthreats. "You can't do analytics with vehicle data," Allen said, "unless consumers trust what you're going to do with their data."