“Smart” cars; privacy protection means big business for the automotive industry

Your car might actually know you better than you know yourself. Sensors, biometric detectors and smart devices enhance our driving experience. And in case of voice controls, these can limit dangerous distractions, which are still considered the first cause of road accidents. However, the idea that a robot, albeit with our consent, can keep track of our habits - how we drive, where we go and what we look for on the Web - or listen to our conversations, emphasizes the often distorted relationship between privacy protection and technological development.
 
This relationship could represent a driving force behind economic and social developments, both for people and enterprises. While on the one hand motorists should be more discriminating when asking service providers for information and terms of confidentiality, on the other companies involved in developing software and smart components should set a limit, starting from the designing stage, on just how much personal information can be collected, in compliance to the current legal framework. Basically what should be considered as collectable data, what is the purpose and how can confidentiality be guaranteed. All elements that if respected would translate into a competitive advantage. Claudia Cevenini and Laura Lecchi, professors of IT Law and Informatics at the School of Engineering of the University of Bologna, currently dealing with protecting personal data as legal consultants for several software companies, are strongly convinced about this.
 
Data protection and information security are essential elements to the development and diffusion of artificial intelligence, they claim: especially when connected cars are involved. "When we hear talks about privacy we normally think only of a series of formal obligations: reports, contractual terms and so on. Instead there are substantial aspects involving the technological changes we are witnessing - explains Claudia Cevenini -. I am thinking, for example, of the protection of biometric data, considered sensitive data by Article 9 of the General Regulation on Data Protection - in the new European regulation on privacy (679 of 2016) which will become mandatory in Italy as of 25 May 2018 -. Technological developments that take into consideration laws that protect this information are not only an obligation, but can also represent a great business opportunity. Privacy can enhance the work of those who create technology. Thus, the ability to guarantee anonymity and data protection will give some companies a competitive edge over those who are not investing in this process. This is the so-called privacy by design and by default principle".

In the automotive field, this process is looming over the evolution of increasingly connected cars. These vehicles are equipped with sensors and devices able to communicate with surrounding objects. Millions of data, often of a sensitive nature, circulating through the Internet and leaving traces. Making these vehicles secure could prove to be one of the keys to success. According to Abi Research, 78 million connected cars are already circulating on our roads. A number destined to grow very rapidly, so much so that Gartner, a technology research company, estimates that by 2021, 98 percent of new registrations in the United States and Europe, will be connected. Therefore, being able to produce and sell cars that besides legally collecting data are also able to protect these from theft – just think of hackers – will prove one of the competitive advantages that companies in the industry - from vehicle manufacturers to components producers – can use to increase their business volume and consequently their market share. But for this to happen a different approach must be adopted, thus, according to both professors, companies must be able to provide, right from the beginning, appropriate data protection tools: security, transparency, user-centricity and data collection for specific purposes. All worthy ideas that often are seldom followed through due to the lack of awareness about legal obligations and difficulties in applying them concretely as well as technically.
 
"Currently, a number of National and European Laws protect the personal sphere of individuals - explains Laura Lecchi -. The problem here is mostly cultural and of legal sensitivity. Rules exist but how they relate to technological innovation and development is often completely ignored. Rules should become an integral part of the on-board management software devices and operating systems”. This would draw a line between which data can or cannot be collected and analyzed. Leaving little room for private interpretation. "All data collected by companies, even with the consent of the users - states Cevenini – must not be used indiscriminately. The principle of necessity or minimization of necessary data establishes that when data are analyzed by third parties, this should be done for specific purposes and only on specific authorization. If we apply this principle to the automotive field we should say that whoever builds smart cars or components should collects and retain only strictly necessary data for specific purposes. All the rest should be kept anonymous".
 
According to Cevenini and Lecchi, a meeting point between privacy protection and technological advancement is essential. And this synthesis must be sought by paying attention to the needs of both parties involved: people and businesses. "Progress means more than just creating new and innovative technologies, an evolution of civilization and behaviours is also necessary - concludes Lecchi -. Failure to question when and how our data are "bartered" in exchange for services is completely wrong. Companies must be included in the process: identifying solutions to improve user’s IT security and protect their personal data would make the products more reliable and therefore more attractive. This is the real challenge facing the development of smart devices: respect for rules and people as an advantage and not as a constraint".