Connected cars: How safe is your data and will cops know you are breaking the speed limit?
Connected car technology seems to be all the rage these days. Hyundai kicked things off in the affordable end of the market with the Venue and its BlueLink system. MG soon followed with the Hector, proudly proclaiming the same with the slightly tasteless ‘Internet Inside’ badges stuck all over it and Kia then launched the Seltos with UVO. These systems are the beginning of a revolution of how we interact with our cars. They open up a world of opportunities when it comes to the features it provides an end user with, but it also opens up a Pandora’s box of questions. Before we get to these questions, let us understand the technology a little better.
The Connected Car
Connected cars are cars that are constantly connected to the internet, transmitting data about the cars vitals in real time. These cars are embedded with a sim card not unlike the ones we use in our mobile phones and use mobile network to communicate with a central server, and consequently allow you to interact with your smartphone. In the past, cars have been able to connect to mobile phones but this was done with Bluetooth and was limited to sharing audio locally. The eSIM, coupled with the car’s in-built GPS systems open up a world of possibilities. You can now, on your smartphone, track where your car is at all times, see what speeds it is doing and set up all sorts of alerts if the car leaves a specific area or is running after a certain time. The system also lets you start the cars remotely, in case you are travelling for extended periods of time. The Hector’s system can also get over the air updates to keep the system up to date in the future. Ather Energy, the start up that has launched an electric scooter is another example of a connected vehicle. An Ather 450 has a similar set up with an eSIM, and collects data about your frequent routes, your average and top speed and even your lean angles on the scooter. As far as the customer goes, these features are extremely useful. Geofencing and time-based alerts are particularly useful if you have a teenager in the house, the ability to start the air conditioner remotely means you don’t have to deal with those first 10 minutes of discomfort if your car has been parked out in the sun, and vehicle health updates will help preempt trouble on the car before too much damage is done. But, there is a flip side to this. And that comes down to data privacy.
National interest v Privacy debate
When connected cars were first announced, there were a lot of concerns about cars getting hacked in to. While this is a legitimate possibility, I think car companies have the resources to ensure the best security systems protect the data they collect from people trying to break in to it illegally. What is more of a concern is the data being revealed through diktats from the government. Data privacy laws are still being shaped all over the world and different countries have different approaches. In India, the government has tabled the Personal Data Protection Bill — a bill that proposes what can/ cannot be done with customer data. Originally put forward in 2018, a revision in 2019 brought to the fore some serious concerns. The 2019 draft allows the central government to exempt any government agency, law enforcement agency or authorised third parties from the Bill. The idea behind this is to allow law enforcement to solve crimes faster, but it has come under heavy criticism for the same. Justice BN Srikrishna, the chief architect of the first draft has voiced his concerns saying the law can turn India in to an Orwellian state. The bill goes against the Right to Privacy, which is guarunteed as a fundamental right under the Article 21's right to live and personal liberty.
How does this affect someone with a connected car? If the Bill does get passed and it turns in to an Act, the government and possibly the police can ask a manufacturer to turn in data about a vehicle that is under investigation. The government or law enforcement agency will be able to access where the car has been, how fast it has been travelling and since a lot of these cars have voice recognition softwares, maybe even who was travelling in the car. In the future, connected cars may be able to alert the police if it crosses the speed limit. While all of this would go a long way in solving crimes and possibly even making our roads safer, it also raises the issues of a surveillance state.
Data privacy has been a huge concern over the last few years and one of the most high profile cases of the same involved technology giant Apple and the FBI. The FBI wanted Apple to create a software to give it access to a mass shooter’s iPhone, and Apple refused citing this would lead to major security issues for all its customers. The debate between national security/ interest and private data is an ongoing one. As of now, the Bill in India is currently under review.
A Better Future
Connected cars are still in their nascent stage, especially in India. Only a handful of models have them and mostly only on higher variants. It will take time for the technology to get adopted universally, but as with all things to do with technology, you can expect the growth to be rapid. Tarun Mehta, the CEO and co-founder of Ather did give us a semblance of hope. He said, “In our case, we don’t have personally identifiable data. Unless the customer gives us access, we don’t know who’s data we are looking at. We are gradually building in those measures, and very soon, this will be reasonably anonymised on our service.” But he also did say that he will comply with the law of the land. My opinion on all this? I genuinely hope legislators account for the individual’s privacy and strike the right balance when it comes to Data Privacy laws in India. The effects of the law are far reaching — our smartphones are data goldmines and will be the most vulnerable devices we own. But vehicles will soon follow. And while India’s roads definitely need to be safer, I’m not sure the flip side of that should be mass surveillance.