Tell Congress to Protect Our Personal InformationLearn More About Unauthorized Access to Data
Today, Public Knowledge, Consumer Federation of America and New America’s Open Technology Institute submitted comments to the National Highway Traffic Safety Administration’s Notice of Proposed Rulemaking on mandating Direct Short Range Communication (DSRC) service for vehicle-to-vehicle (V2V) communications.
The NPRM seeks to examine ways to reduce the number and severity of motor vehicle crashes in the United States. Public Knowledge supports this goal but advises against commercializing the DSRC service, which would leave the door open for non-safety uses of DSRC spectrum, introducing unresolved cybersecurity risks and consumer privacy concerns.
The following can be attributed to John Gasparini, Policy Fellow at Public Knowledge:
“We are reiterating our concerns about NHTSA’s DSRC mandate for all new cars in this filing. In recent months, we’ve seen a dramatic increase in consumer interest in privacy and cybersecurity protections. While consumers clamor for greater protections, however, NHTSA continues advancing a proposal that would mandate a vehicular technology that not only lacks adequate privacy or cybersecurity protections but also remains open to commercial use.
“This cybersecurity approach lacks depth, opening the door to additional threats to all cars and expanding attack vectors into already-vulnerable vehicles. On privacy, NHTSA goes further, washing its hands of any concerns about data collection or data use by third parties. This is particularly problematic when we’re talking about mandatory technology that could be used to track individual cars -- and their drivers.
“This is made more troublesome because NHSTA’s proposal leaves the door wide open for commercial services like infotainment, advertising, and social media platforms. Deploying commercial services like Facebook, mobile payments and targeted advertising in automobiles only amplifies DSRC’s cybersecurity risks. If this mandate is truly about safety and saving lives, it should focus exclusively on those goals and close the door to commercial interests that aren’t about safety until the cybersecurity and privacy concerns are adequately addressed.
“The digital revolution of recent decades shows no sign of slowing down, but we must not let enthusiasm for progress impede network security best practices. Although we support efforts to leverage technology to make cars safer, we are concerned that the current proposal causes more problems than it solves. When it comes to ensuring safety in a landscape of increasingly complex technologies, the duty to consumer safety and security must always come first. While NHTSA and the auto industry are in the driver’s seat, we urge them to please drive safely.”