Not Just Refrigerators and Light Bulbs: Connected Vehicles as an Extension of the Internet of Things
Asking what cars have in common with refrigerators and light bulbs may seem like the setup to a bad joke, but it is a serious question that touches on a broad policy debate among federal and state regulators on how to regulate smart, internet-connected devices with the capacity to provide users with real-time data streams or remote access. In other words, cars are on the verge of becoming yet another extension of the Internet of Things. As such, vehicle manufacturers should be mindful of the ways in which internet-connected vehicles may touch on important and emerging policy issues for communications and privacy regulators.
Market research indicates that awareness of connected car products and services is influencing purchasing decisions, with most consumers expecting automobiles to soon have similar connectivity, and to deliver the same services, as their smartphone. Infotainment and navigation are the most obvious sources of consumer demand, but equally appealing to consumers are safety and services which reduce the cost of vehicle ownership. Just as ride sharing has reshaped the auto services landscape, the rise of car sharing services in places where car ownership is economically out of reach or socially discouraged will push consumer demand for connectivity functionality to enable remote access and control in support of such services. In addition to consumer demand, the onset of eCall in the European Union and the advent of similar initiatives in the U.S. and Asia will be significant drivers of connectivity services in that every car is going to have to be connected through an embedded communication device. The presence of onboard hardware is an opportunity to rethink and remake the relationship between car and consumer. Given the pace of innovation in the automotive sector, our goal is not to catalog the myriad vehicle features that implicate communications, privacy, and data security regulations and policies. Instead, we examine two emerging vehicle features—onboard internet connections and vehicle telematics—as representative of the types of legal and public policy issues that manufacturers and regulators may need to consider going forward.
Onboard Broadband Internet Access
Over the past year, several automobile manufacturers have launched exciting new features that are based around an onboard broadband internet connection. These features, which typically include an onboard 4G/LTE mobile device and a vehicle-based WiFi network, are a potential boon for consumers, yet their widespread adoption could pose twin regulatory challenges for manufacturers and the Federal Communications Commission (“FCC”), the federal agency responsible for regulating wireless communications within the United States.
Vehicle manufacturers may need to consider the regulatory implications of how they provision the 4G/LTE service to vehicles with onboard wireless networks. While this could seem like a simple business decision, it is one that could, at least in theory, implicate the FCC’s new open internet regulations. For example, with the FCC’s
For its part, the FCC may need to take onboard WiFi into account as it begins to focus more intensely on issues relating to WiFi spectrum allocation. WiFi devices operate within strictly defined swaths of spectrum, and with the proliferation of mobile devices, that spectrum has become increasingly congested. Once vehicle-based WiFi networks—sometimes operating in close proximity to one another—are added to the mix, WiFi channels could become overloaded. In February of this year, two FCC Commissioners, Commissioner Rosenworcel and Commissioner O’Rielly, published a
Automakers and manufacturers of smart devices face many of the same privacy and security concerns. Devices that collect, store, and disclose user information have the potential to divulge sensitive information about the user’s life. Similarly, for both reputational and legal reasons, device manufacturers are increasingly sensitive to the ability of a malicious third party to exploit security vulnerabilities to exfiltrate data from a connected device or to cause it to operate in a manner inconsistent with its intended use.
Currently, regulators are taking a thoughtful and measured approach in reviewing policy and regulatory implications of the Internet of Things. Yet, a recent report of a telematics hack that enabled remote control over a vehicle’s braking system could change the calculus by creating political pressure for regulators to accelerate their review of network and device security in the context of the Internet of Things.
Looking at the same issue through a privacy lens yields similar results. While the public may be concerned about companies collecting real-time data about food consumption or electricity use, those concerns are viscerally different from using vehicle telematics to track any number of facts about how a person uses a vehicle. Vehicle manufacturers will need to consider carefully potential uses of the vehicle telematics information that they intend to collect (or are already collecting). GPS data and certain system data can be useful in responding to requests for roadside assistance, but that same information could also be used by law enforcement in criminal investigations or by insurance companies to adjust a customer’s premiums. As vehicle manufacturers enter the realm of big data, they need to have a keen understanding of developing federal and state privacy requirements that could impact the manner in which vehicles collect, store, use, and disclose information.
Vehicle manufacturers are creating new technologies at a dizzying—and exciting—pace. While emerging technologies have great potential to increase consumer welfare, manufacturers should carefully consider both the public policy and legal ramifications of such technologies. Effective advocacy and messaging may help regulators develop rules and policies that work with—not against—these new technologies.