The California Privacy Protection Agency (CPPA) says it has launched a review of connected vehicle (CV) OEM data privacy practices.

Noting that CVs are equipped with features like location sharing, web-based entertainment, smartphone integrations and cameras, CPPA said data privacy considerations are “critical” given the ability they have to collect information about occupants’ personal lives.

“Modern vehicles are effectively connected computers on wheels,” said Ashkan Soltani, CPPA’s executive director. “They’re able to collect a wealth of information via built-in apps, sensors, and cameras, which can monitor people both inside and near the vehicle.”

Soltani added: “Our enforcement division is making inquiries into the connected vehicle space to understand how these companies are complying with California law when they collect and use consumers’ data.”

With more than 35 million registered vehicles in California, the agency said CV data privacy affects virtually all Californians who drive, rideshare or walk near vehicles equipped with such technologies. Of course, this includes those tasked with repairing vehicles following a collision.

California’s Consumer Privacy Act, which took effect in January 2020, gives state consumers the right to: 

• • “Know about the personal information a business collects about them and how it is used and shared;
  • “Delete personal information collected from them (with some exceptions);
  • “Opt out of the sale or sharing of their personal information; and
  • “Non-discrimination for exercising their [privacy act] rights.”

Consumers can report possible violations through an online state portal. 

Earlier this year, a class action lawsuit was filed in California against Tesla over claims its employees privately shared customer videos and images that were recorded in their cars via an internal messaging system.

The lawsuit, filed in U.S. District Court, Northern District of California on April 7, stated that Tesla vehicle cameras record as part of the advanced driver assistance system (ADAS), Autopilot, which is “integral to Tesla electric vehicles.”

The case, which was brought to light by Reuters, sparked a privacy and security concern for shops of making sure employees understand their actions in the shop, and even in the parking lot, might be recorded and viewed.

Meanwhile, the Society of Collision Repair Specialists (SCRS) Education Committee shared during an August 2022 presentation that vehicles recording and storing video, such as Tesla’s Model 3 Sentry Mode and Rivian’s Gear Guard, also pose a risk for consumers and repairers when vehicles are declared total losses or are later sold.

“The car manufacturers are putting this in, both Tesla and Rivian, because they understand there’s a demand for that but there’s also some privacy issues,” committee member Amber Alley said at the time. “We’re losing our privacy and, as a shop, what should we be doing to protect our customers as well as ourselves in these situations? Should you be going in and erasing these videos? That’s something for us to think about.”

Images:

Main image: iStock/Ravi_Goel