The Government Accountability Office found that the National Highway and Traffic Safety Administration (NHTSA) needs to clarify its policies for ensuring the privacy of drivers of connected vehicles.

Thirteen of the 16 selected automakers in GAO’s study sell connected vehicles, and those 13 reported collecting, using, and sharing data on the cars’ locations and operations. This poses privacy concerns for connected vehicle drivers because their locations can be tracked and shared without their knowledge.

The 13 automakers reported that they collect this data on a relatively limited basis. The automakers often use data to provide requested services to consumers and for research and development. None of the 13 reported sharing or selling data to third parties without consumer knowledge.

“However, as connected vehicles become more commonplace, the extent of data collection, use, and sharing will likely grow,” the GAO report stated.

The 13 automakers all had accessible privacy notices but not all of them were clearly written and they did not describe how the automakers planned to share and use the data. The automakers reported obtaining consumer consent before collecting data, but the only alternative would be for consumers to opt out of all connected vehicle services, according to GAO.

The Federal Trade Commission has released reports and guidances on connected vehicle privacy and is working with NHTSA to coordinate its efforts; however, NHTSA has not clearly defined its roles and responsibilities for the privacy of vehicle data. NHTSA released its policy on vehicle privacy and also included the policy in its voluntary guidance for automakers, which the automakers said was confusing. NHTSA acknowledged the uncertainty in its policies.

Read More About
More Topics
Morgan Lynch
Morgan Lynch
Morgan Lynch is a Staff Reporter for MeriTalk covering Federal IT and K-12 Education.