The connected vehicle: data ownership and cybersecurity

In the HQ TechTank mobility series, one provocation I respond to is the question of the social impacts of a fully connected self-driving car, where the computer and the car are connected to other cars (V2V), to the internet and to transportation infrastructures (V2I). What could possibly go wrong? This blog will consider data ownership and cybersecurity questions such as the hacking of autonomous vehicles.

In terms of car ownership, autonomous vehicles will initially be expensive and only those in the luxury market are likely to own their own vehicle. The greater majority of people are likely to access AVs through fleet access and a sharing economy structure, much like GoGet in Australia.

Several implications arise if drivers do not own the vehicle they are travelling in and are not responsible for what the vehicle does. If users do not own the autonomous vehicles they travel in, the questions raised for me are who is liable for accidents (insurance and legal implications) and who owns the users’ activity data. The following case study will focus on this question of personal data ownership.

Case study: Personal data ownership

Ratnam (2019) reports that a car can generate about 25 gigabytes of data every hour and as much as 4,000 gigabytes a day, according to some estimates. Drawing on data from consulting business McKinsey, he anticipates that the data trove in the hands of car makers could be worth as much as US$750bil (RM3.11tril) by 2030.

At the time of writing in 2019, Ratnam records that consumer groups, aftermarket repair shops and privacy advocates argued that the data belongs to the car’s owners and that the information should be subject to data privacy laws. In line with this, the European Union had already ruled that data generated by cars belongs to their owners and is subject to privacy rules under the EU’s General Data Protection Regulation, or GDPR.

In 2019 the Auto Alliance, a trade group representing the world’s largest car makers, was seeking for California to legislate that the companies be allowed to provide only summary information to consumers as opposed to the specific pieces of personal information a business has collected about them. This raises the question as to who owns the data for the user of an autonomous vehicle, particularly if the user does not own the vehicle.

The answer to this question will become more urgent with the deeper levels of data that automated vehicles will collect. Andrejevic (2020) argues that the creation and deployment of autonomous vehicles will transform cars into fully mediated devices, packed with sensors that collect and process a growing range of information. 

To find out more about who will own these autonomous users, we can turn to the Director of Product for Lyft, the ride-sharing platform, who spells out how the company anticipates the future with autonomous vehicles (Swisher 2017). Taggart Matthieson detailed the collaborative model, proposed in 2017, that Lyft is pursuing through the provision of an open platform with a number of partners who were seeking to produce level 5 (fully autonomous) vehicles. In his description he implies open data flows of user activity between the companies involved.

From the consumer experience point of view, the user of an autonomous vehicle will encounter two brands. The vehicle itself, including the “brain” of the car, will be branded to the manufacturer, while the interface that the customer engages with and the trip experience will be curated by Lyft. The integration of the Lyft interface with the vehicle would include gathering intelligence from the car in order to facilitate the passenger validation process; for example, gathering sensor data on the weight of the passenger on the car seat, and on whether they have closed the door and connected the seatbelt. It will be an “integrated experience” between the sensors in the vehicle and the trip experience that Lyft provides. Summary taken from Taggart Matthieson, 2017, Recode Decode podcast.

More recently, Lyft and Aptiv launched a robotaxi pilot in January 2018 in Las Vegas. The program, which puts Aptiv vehicles on Lyft’s ride-hailing network, surpassed 100,000 rides this month. Human safety drivers are always behind the wheel and the vehicles do not drive autonomously in parking lots and hotel lobby areas (Korosec 2020).

In her article detailing Lyft’s current AV strategy, Korosec (2020) notes that in 2019, Lyft reported to the Californian DMV that they had 19 autonomous vehicles testing on public roads in California. Those 19 vehicles, which operated during the reporting period of December 2018 to November 2019, drove nearly 43,000 miles in autonomous mode. The report showed that Lyft is doing more than partnering with autonomous vehicle companies like Aptiv. 

These shifts towards MAAS, Pizzuto et al. (2019) argue, will change the rules of the game across the entire mobility space, as software and data become fundamental differentiators when building and operating cars. They observe that the mobility sector will become ground zero for a convergence of industries that include automotive, transportation, software, hardware, and data services. These trends point to an impending question: whilst private car ownership may decrease, who will own our data?

These two case studies demonstrate some of the perhaps hidden or less obvious social implications of autonomous vehicles that do need to be broadly considered.

Is the cybersecurity sector ready for our cars becoming all connected? 

Driverless cars are seen as one of the key disruptors in the next technology revolution. However, Kaur and Rampersad (2018) argue that the main barrier to adoption is the lack of public trust. Drawing on quantitative evidence, their study found that the ability of the driverless car to meet performance expectations and its reliability were important adoption determinants. Significant concerns included privacy (autonomy, location tracking and surveillance) and security (from hackers). User privacy concerns were discussed in one of the initial case studies, on personal data ownership. This section will focus on the issue of data security.

In a report on the state of autonomous vehicles, West (2016) notes that autonomous cars depend on vehicle-to-vehicle (V2V) communications and vehicle-to-infrastructure (V2I) connections. Similarly, Vassallo and Manaugh (2018) observe that AVs are vulnerable to malicious attacks through many channels, such as attackers physically tampering with a vehicle’s hardware, intercepting a vehicle’s communication signals, or hijacking a vehicle’s connection to a centralized server.

Case study: Hacks on AVs

Automated vehicles are equipped with multiple sensors (such as LiDAR, radar and camera) enabling local awareness of their surroundings. Researchers Jonathan Petit and Steven Shladover (2015) outline a number of security threats to connected cars. These include hacking, jamming, data theft, ghost vehicles, or malicious actions such as using bright lights to blind cameras, radar interference, or sensor manipulation. Any one of these activities could disrupt communications and create false readings for artificial intelligence algorithms. Their study identifies GNSS (global navigation satellite systems) spoofing and injection of fake messages as the most dangerous attacks (i.e., most likely or most severe). Manipulating this type of information puts passengers at risk and can potentially lead to serious accidents.

Cybersecurity experts already have demonstrated a capacity to remotely hack a Jeep Cherokee. In a report published in Wired magazine (Greenberg 2016), they tampered with the vehicle’s steering, brakes, radio, windshield wipers, and climate controls, and showed that this vehicle was easy to disrupt through its Uconnect software. This example shows that designers need to take vehicle security very seriously in order to avoid unnecessary risks. 

Vassallo and Manaugh (2018) argue that malicious software (malware) is also a hurdle to autonomous vehicle (AV) adoption and a serious threat to AV occupant safety. They observe that by removing the need to pay attention to the road, AVs will allow drivers to conduct Internet browsing activity that increases malware infection risk (like pirating media or viewing pornography) and that falls outside the limited browsing options vehicle infotainment systems offer today. They also note that immobile information broadcast points could possibly infect vehicles driving within their signal range. Interestingly, they suggest that AVs could possibly avoid malware-prone areas when planning a route or suggesting a destination of interest such as a gas station.

Within a MAAS system, the centralized platforms coordinating personalized trip planning, pick up and payment (e-commerce) are also likely to be a target for client/server security threats as well as cyber identity theft (Sharma, Singh & Sharma 2009).

Case study: Hacks on infrastructure

Identity theft and credit card theft are common in the online environment, with marketplaces for stolen data established in many spaces, including cryptomarkets (Aldridge & Décary-Hétu 2014). E-commerce platforms regularly have their cyber security ‘tested’ by hackers seeking passwords, credit card information, personal identifiers for identity theft or other valuable data points. This has already been the case for Uber, which was reported to have concealed a massive global breach of the personal information of 57 million customers and drivers in October 2016 and paid the attackers $100,000 to delete the data and keep the breach quiet (Wong 2017). Similarly, in 2018, a Dubai-based ride-hail app called Careem reported that hackers had stolen data belonging to 14 million riders and drivers, including customer names, email addresses, phone numbers and trip history, but with no evidence that password or credit card information was taken (Dickey 2018). E-commerce platforms holding credit card information and personal information are subject to identity and financial theft by malicious actors.

Not only have ride-share platforms already been shown to be vulnerable and targeted; so too has the public transport system. In 2016, a breach of the Western Australian transport systems prompted the organization to shut down real-time train tracking, amongst other systems, in response (Coyne 2016). In another instance, this time related to payment systems, the San Francisco public transit system was hacked, leaving commuters unable to pay for their journeys, and a ransom was demanded. Monitors in station agent booths were seen with the message, “You Hacked. ALL data encrypted,” and the culprit allegedly demanded 100 Bitcoin (about $73,000). In response, the public transit service turned off the payment machines and opened the gates as a precaution.

As Bergal (2018) reports in her article for a public service IT audience discussing instances of hacks of public transportation infrastructures, transportation systems are ripe targets for cyber criminals. From the smart cities perspective, journalist Ian Hardy (2016) draws on cybersecurity experts who say that it’s only a matter of time before hackers become interested in smart city transportation clouds and taking control of parking, traffic lights, signage, street lighting, automated bus stops and many other systems. He provides an existing example from Moscow, which has already experienced its first major transportation hack. Denis Legezo, a researcher with Kaspersky Lab, was able to manipulate traffic sensors and capture data simply by looking up a hardware user manual that was readily available online from the sensor manufacturer. With public infrastructure data likely hosted on an array of cloud servers, some within the jurisdiction and others not, this risk of malicious online activity and inability to apply local jurisdictional controls over the data (Ward & Sipior 2010) is only increased.

From these case studies we can see that an Internet of Vehicles raises many of the same concerns as the Internet of Things (of which it is a part). However, it also holds its own unique implications, which must be considered in the implementation of these emerging technologies and mobility futures.
