A special report from Reuters describes a potential privacy and business operations concern for the collision repair industry — video recordings by vehicles inside shops being shared.
Tesla’s Customer Privacy Notice states, “To protect your privacy from the moment you take delivery, Tesla does not associate the vehicle data generated by your driving with your identity or account by default. As a result, no one but you would have knowledge of your activities, location or a history of where you’ve been… Tesla vehicles are equipped with a camera suite designed from the ground up to protect your privacy while providing advanced features such as Autopilot, Smart Summon, and Autopark.
“…In order for camera recordings for fleet learning to be shared with Tesla, your consent for Data Sharing is required and can be controlled through the vehicle’s touchscreen at any time. Even if you choose to opt-in, unless we receive the data as a result of a safety event (a vehicle collision or airbag deployment) — camera recordings remain anonymous and are not linked to you or your vehicle.”
However, between 2019 and 2022, groups of Tesla employees privately shared customer videos and images recorded by their cars via an internal messaging system, which were sometimes highly invasive, including one man approaching the vehicle naked, according to what nine former employees told Reuters. And they said the computer program used by Tesla shows the location of recordings.
This sparks a privacy and security concern for shops of making sure employees understand their actions in the shop, and even in the parking lot, might be recorded and viewed.
“The car manufacturers are putting this in, both Tesla and Rivian, because they understand there’s a demand for that but there’s also some privacy issues,” committee member Amber Alley said at the time.
She and committee member Ron Reichen noted that the ongoing recording could be both positive and negative. It could record a nearby assault and vandalism of the vehicle itself but could also record passerby’s personal information without them knowing.
They noted that Lucid has a data protection feature built into its vehicles’ key fobs. Without having it, there’s no way to access data that’s stored on the vehicle.
“We’re losing our privacy and, as a shop, what should we be doing to protect our customers as well as ourselves in these situations? Should you be going in and erasing these videos? That’s something for us to think about,” Alley said.
Reichen added that when a TL vehicle leaves a shop, it goes through a lot of hands – transporters, tow yard and auction employees, and others that could have access to the data then after the car is sold it meets more hands to either be disassembled and recycled, rebuilt, or sold offshore for personally identifiable information (PII) to end up in a foreign country.
The committee determined it would be a best practice for shops to get authorization from their customers to reset or clear personally identifiable information (PII) data from TL vehicles or vehicles they intend to sell and have them sign a release to avoid any liability associated with the procedure. The procedure, according to Data Enhancement Gateway (DEG) Administrator Danny Gredinberg would be not-included.