
Cops won’t need a warrant to pull the data off an autonomous car - privong
https://arstechnica.com/tech-policy/2018/02/why-self-driving-cars-may-be-heaven-for-investigating-crimes-and-accidents/
======
mLuby
'I felt like I was in heaven,' the cop said. 'It's like instant replay in the
NFL, I can tell what happened.' The engineers looked at each other like, 'Aw,
crap.'

As engineers, we have an obligation to think through privacy concerns.

These (and nearly all) devices should either not retain data or should encrypt
it. Also my self-driving car better not be phoning home or getting updates
over the air. I've seen what happens in Fast and the Furious 8…
[https://fsmedia.imgix.net/19/8a/19/0d/3e81/44e8/ab9d/679cbb2...](https://fsmedia.imgix.net/19/8a/19/0d/3e81/44e8/ab9d/679cbb29bbb6/hack-the-cars-why-not-hack-the-planet.gif)

~~~
jdavis703
Aircraft, even private aircraft, are tracked and recorded. Why should
automobiles be any different? Far more people are killed and injured by
vehicles than are killed by aircraft. In general I'm pretty pro-privacy but
I've had way too many close calls and accidents with bad drivers who were
found to be at fault. Maybe there's a better way to get to vision zero, and if
so I'd love to hear it.

~~~
dtech
Cars, especially in the US, are very closely linked to the location of a
person. For private aircraft that is generally not the case I assume.

I work for a semi-governmental organization in the Netherlands and we track
ships. Tracking company-owned commercial ships is no problem, but we are
heavily restricted by law in what we can do with the location data of
privately owned ships because people live on them.

~~~
rayiner
If you want privacy maybe don’t drive around on what is literally government
property.

~~~
lovich
Privately owned boats and autonomous cars are government property?

~~~
PeterisP
That post probably means public roads.

~~~
lovich
I guess I can understand the argument but I don't see what kind of world view
thinks that you can go out into the world or have privacy. Roads are what
connect the vast majority of all land. It's not like you can just trespass
into other people's land and expect privacy either.

~~~
PeterisP
The world view is that what happens in public space is not private; you can't
expect privacy for things you do in public.

If you go to a public concert, people can look at you, note that you were here
and tell that to others. That doesn't violate privacy because you had no
privacy there to begin with. And in a similar manner, if you drove last
Thursday on a particular road, whoever bothered to look at you and your car is
allowed to do so, note that you were there, write it down and tell that to
others.

Privacy is about your private stuff - what you do in your private space, what
you have in your private items. If you go out in the public, the things that
you do (and where, and when, and with whom) are not private anymore.

~~~
waspentalive
In a public space a random person might 'see' you there - but they would not
know who you were and may not even remember you correctly. A machine on the
other hand remembers perfectly and records constantly. As far as your car - the
random observer may be hard pressed to note the fact of your license plate
number while trying to remember what kind and color your car was.

------
justgottasay3
I think there is an aspect of privacy that folks may be ignoring. Privacy from
commercial entities.

Consider the following scenario:

Driver A and driver B are involved in an accident. Driver C is in an
autonomous vehicle that "witnesses" the accident, by being in close proximity
to the event.

If driver A or B have the same insurance company as C, that company could get
the data from C to determine fault in the accident that C's vehicle
witnessed... or better yet, show that both drivers were at fault and they will
not pay anyone anything.

As the number of autonomous vehicles rises, the amount of data available to
companies will grow, too.

I would be surprised if there isn't language in the policies being
underwritten today that would make such a thing possible... possibly even
mandatory.

~~~
maxerickson
For automobile insurance, I don't find the idea of the insurance company
getting detailed information about a collision disturbing at all.

There's probably reason to make sure that policies don't contain weird
provisions related to that data collection, but there isn't really a strong
case for hiding driver information, there is enough variation in drivers to
justify varied premiums.

------
ovi256
This is an aspect of autonomous vehicles that I had never considered before.

Given each AV has complete 360 degrees camera coverage (for detection of other
vehicles, if Tesla, for debugging, if others which rely primarily on Lidar)
and this camera data is very valuable for debugging and as a liability
reducer, this data is very probably going to be kept, then transferred to a
datacenter. So each AV is also a bunch of mobile security cameras.

LE officers can access those recordings with the same ease they access fixed
security cameras, once an investigation starts. Very easily, even without a
warrant.

One increased difficulty is the need to ask AV makers which vehicles were near
the incident at the time, so as to know which AVs' camera recordings to ask
for. That location data is protected, at least in some US states.

~~~
revelation
I don't think that data is likely to be kept, raw or otherwise, on anything
other than a very small rolling window, if even that. What the author of this
article missed is the boot full of server racks that have the storage and
processing abilities to even consider storing the raw data from a multitude of
cameras, LIDAR and associated sensor systems.

For development, sure, in test fleets, sure, but production cars won't bother
with that.

~~~
cabaalis
In all the vehicle recording systems I've worked with (for a local
municipality's police video recording) the only video data that would be
stored is video data that is pertinent.

So you wouldn't record and store an officer's complete shift. When the officer
turned on his lights or siren, the device would rewind 30-45 seconds and start
recording. It would then record until the lights/siren were disengaged. That
is the video that would be uploaded.

So I think a more likely scenario is that the autonomous cars would in fact
permanently store and share all GPS data, but data from the sensors would only
store what was recorded with a reasonable buffer around a fault event such as
a collision.
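
An added illustration of the event-triggered recording scheme described in the comment above (not part of the thread and not any vendor's code): a rolling pre-event buffer that discards everything outside the window unless a trigger fires. The 30-second window, the one-frame-per-second feed, and all class and function names are assumptions made for the example.

```python
from collections import deque


class EventRecorder:
    """Retains sensor frames only around a trigger (lights/siren, collision).

    Hypothetical sketch: names and the 30 s default are assumptions.
    """

    def __init__(self, pre_roll_s=30.0):
        self.pre_roll_s = pre_roll_s
        self._buffer = deque()  # (timestamp, frame), oldest first
        self._clip = None       # clip in progress, or None when idle
        self.clips = []         # finished clips: the only data kept for upload

    def on_frame(self, ts, frame):
        if self._clip is not None:
            # Trigger is active: everything is part of the clip.
            self._clip.append((ts, frame))
            return
        self._buffer.append((ts, frame))
        # Idle: drop anything older than the pre-roll window.
        while self._buffer and ts - self._buffer[0][0] > self.pre_roll_s:
            self._buffer.popleft()

    def trigger_on(self):
        # "Rewind": the clip starts with whatever the rolling buffer holds.
        if self._clip is None:
            self._clip = list(self._buffer)
            self._buffer.clear()

    def trigger_off(self):
        if self._clip is not None:
            self.clips.append(self._clip)
            self._clip = None

    def retained_frames(self):
        """Total frames currently held anywhere in the recorder."""
        in_progress = len(self._clip) if self._clip is not None else 0
        return len(self._buffer) + in_progress + sum(len(c) for c in self.clips)


def simulate():
    """Constructed input: 300 s of 1 Hz frames, trigger active from t=100 to t=160."""
    rec = EventRecorder(pre_roll_s=30.0)
    for t in range(300):
        if t == 100:
            rec.trigger_on()
        if t == 160:
            rec.trigger_off()
        rec.on_frame(float(t), f"frame-{t}")
    return rec


if __name__ == "__main__":
    r = simulate()
    print(len(r.clips[0]), "frames in clip;", r.retained_frames(), "of 300 retained")
```
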

~~~
milesokeefe
Ubiquitous 5G could allow for constant data egress.

------
bhauer
Imagine a world with less centralizing force, where owners of devices are
encouraged to decentralize data storage. In such a world, autonomous vehicles
would ask you to specify where to store the data they collect. The owner could
select to choose on-vehicle storage, vendor-provided central storage, or a
data server they personally own and operate. And in all cases, given an option
to encrypt using a key selected by the user/owner.

I would prefer such a world. It provides a different legal context where law
enforcement would need to compel each individual owner to turn over data. Such
compulsion could certainly still be realized, but it's a more significant
hurdle than forcing the manufacturer rather than the user, and it's more
likely to see challenges.

~~~
mattmanser
I'd love that, but there are three problems with it, even if you put aside the
commercial benefits:

1. Means people have to build and test two systems

2. It's confusing to the normal user

3. It's better for the product if it's shared as they can iterate and improve
based on the data.

This actually applies to loads of products, like voice recognition (Google has
recorded and stored everything you've ever said to 'ok Google' on their
servers).

So I don't think we'll see a solution until we see a massive shift in privacy
becoming a key election issue. Which it probably won't for decades or until a
ruthless dictator takes over a developed country (sort of happening in
Turkey).

~~~
__sharp
In my ideal world, data should go to the vendor by default. As you said, it
helps the product improve by feeding it more data, and it's simpler for most
users.

With that being said, privacy conscious people should have the ability to opt
out, and either not have their data stored permanently at all, or allow them
to store it on a personal server. If you chose to do that, it's on you to make
sure your server is set up in a way to ingest the data, so no additional work
for the vendor.

I suspect in reality most vendors would not provide that option, because data
is so valuable, which is why it's important to have laws that allow us to
protect it.

------
weinzierl
They won't "pull the data off your car" anyway, because all the interesting
data will be elsewhere.

Also considering that all the big car manufacturers are working on business
models where usually driver and owner are different entities this even gets
more involved.

We had an interesting case in Germany where data ended up in the court room
neither the manufacturer nor the car-sharing provider claimed to have.

~~~
drdaeman
Well, I think the essential mistake here is that it's not _your_ car to begin
with. You may fully or partially own the hardware, but the actual autonomous
vehicle core is not your property - it's only licensed to you.

------
jmull
This is interesting, but a bit of a side-show.

For the more significant stuff -- where you go and when, who you communicate
with and what you communicate about -- data from autonomous vehicles probably
isn't going to be the main issue.

It will generally work a lot better -- cheaper, easier, more reliable, etc. --
if they get their surveillance data from a system designed for their purposes.
And, of course, they don't have to wait for the widespread adoption of
autonomous vehicles to build such a system. In fact, they haven't waited.

The big question is how our norms and laws around privacy reset after the
explosion of information technology has wiped away all the assumptions on
which our traditional notions rested.

------
yardie
They’ll need a warrant to pull the data from the manufacturer. Chances are no
LEA is even going to ask your permission as you won’t have the tools nor know
how to pull that data.

~~~
confounded
> _They’ll need a warrant to pull the data from the manufacturer._

Can you elaborate?

~~~
PeterisP
As the article says "As such, Tesla's terms and conditions—like those of other
non-automotive tech companies, including Apple, Google, and more—say that the
company will hand over data to law enforcement when legally compelled to do
so."

"Legally compelled to do so" means a warrant or a court order or something
like that; which in my mind seems reasonable; in general, we _do_ want courts
to get evidence to determine what actually happened in (potentially fatal)
accidents, instead of having to do without and have a greater chance of making
a wrong judgement because they didn't have that information.

------
userbinator
The scariest thing is that the government could just ban non-autonomous cars
completely, under the guise of "safety", meaning there would be no opting out
of being tracked for any long-distance travel. I've never been a fan of
self-driving cars, and everything I've seen hasn't convinced me to change my
opinion.

"If you outlaw freedom only outlaws will have freedom."

~~~
0xcde4c3db
Even if everyone were to opt out of autonomous vehicles, law enforcement
bodies would just continue deploying and upgrading their own sensor networks.
Cameras that read license plates are pretty much standard equipment now; face
and gait recognition can't be far behind.

------
mnm1
Yeah, but we already knew this. Of course they will collect all the data they
can all the time and store it as long as they can. What I'm more interested in
is how they plan to treat the vehicles themselves. In an autonomous vehicle
world, there should be no more moving violations and being pulled over a thing
of the past, especially if the vehicles are not owned by humans. Or not, who
knows? That's the kind of information that would be much more useful and would
potentially save many more lives from ruin than the accident avoidance
technology.

------
gumby
This is interesting. A true comprehensive rethink is required.

When you rent a safe deposit box the law doesn't get automatic access (warrant
etc is required). The law could consider buying just a ride from an AV
service to be "renting" the car as you would a safe deposit box, house, or
apartment and require a warrant for police access.

But you'd have no authority over the cameras and other systems of all the
other cars around you -- those would still be available.

Tricky.

~~~
metaobject
I wonder whether, along with the rollout of the infrastructure needed to
support mass AVs, the govt will just be adding in traffic surveillance cameras
as well? It seems to me that the infrastructure to support mass AV traffic
would involve lots of sensors, cameras, and other electronic devices.

~~~
gumby
> I wonder whether, along with ... mass AVs, the govt will just be adding in
> traffic surveillance cameras as well?

I don't wonder -- it seems quite certain this will happen. It seems whenever
new systems are put in place, surveillance is built in: Automatic bridge toll
payment? Could have been done with a reloadable token but no, you have to tie
it to a particular vehicle and identity, and _that_ information has been used
by law enforcement. Driver's licenses? They really need only a photo and an
expiration date but instead they are belarded with all sorts of information
(weight, address etc) which have nothing to do with driving.

In this case it will likely be shrouded by the overstretched and abused "third
party doctrine" (if a third party has the info the govt can just go see it --
so the DEA doesn't have a license plate database, it can simply contract with
a third party to make one instead). The government will simply require that AV
fleets provide all their telemetry data including optical camera info.

> It seems to me that the infrastructure to support mass AV traffic would
> involve lots of sensors, cameras, and other electronic devices.

What sort of infrastructure should be built that is specific to AVs (and why
should the government, rather than the fleet operators or other third parties
implement it)? Why should they need even as much as humans require today?

------
walterbell
Why is raw sensor data needed for longer than a few minutes? Is it not
sufficient to update models and discard the raw data?

~~~
j3097736
Because you might want to process it differently?

~~~
walterbell
For development/debug, yes.

How/why would a _production car_ need to process it differently and why
couldn't all processing be done in real time? Safety certification means the
car's functionality has to be static, until the next certified software
update. Data does not need to leave the car, since the purpose of the data is
for the car to drive, which is a transient state.

~~~
PeterisP
If you're driving a production car version 1.23, then the manufacturer
(obviously) wants data from that car to be used in development of production
car version 1.24.

The technology needs improvements, and the process of making those
improvements is hungry for data. Every manufacturer will be in
development/debug mode of their self-driving systems at least for the coming
decade, so sensor data from every mile of every car is wanted and useful, and
manufacturers are configuring production cars to upload as much raw sensor
data as is practical.

~~~
walterbell
That logic applies to every product ever made in the history of technology.
Somehow their R&D departments did not need 7x24 data feeds.

Each society can decide whether to permit this particular product to collect
unlimited data. The presumption is that the data belongs to no one. Let's see
what happens when more than one large corporate entity lays competing claim to
the same data subset, embedded by a wide-ranging data dragnet.

~~~
PeterisP
I do think that the logic does _not_ apply to every product ever made, that
there's a major conceptual difference between products purely designed by
humans and products where key features are driven by machine learning and
availability of raw data.

A 24/7 data feed from your toaster is not going to make your toaster better.
It _might_ help an R&D department identify some ways how the next toaster
model should be different, but that's about it.

However, a self driving car is data-starved and is still going to be
data-starved years from now. At any moment of time, your car could drive better and
safer simply if it had more "experience" - the v1.24 software release can be
meaningfully better than the v1.23 software release even if R&D department
does nothing else but simply import the data received from millions of other
cars; if your car is allowed to learn from what other cars saw.

Ensuring that the quality of driving systems increases as fast as it can is
important for the society, with a major impact on injuries and casualties. I
feel that it would be best for the society if we ensure that this learning
(and the required data transfer) is not prohibited, as long as we can
solve/restrict the potentially harmful uses of the data.

~~~
walterbell
Or maybe we could save more lives by using technology to augment human
drivers?

We don't actually know that self-driving cars are possible in unrestricted
environments. The industry is asking for highly invasive surveillance but has
no liability for failure to deliver. What happens if "more data" turns out to
be insufficient? Will the next request be "restrict the environmental context"
or "pass new laws to change human behavior"? Where does it end? Other
industries have to deliver results before changing the market. Uber et al
promised the moon to their investors, then ignored local laws, then promise to
save lives, then ignore privacy concerns, then ..?

------
Sargos
Laws take a while to catch up with new technology. This will be fixed in 8-14
years after enough people are affected by this and Congress finally gets
lobbied enough. Early adopters will get hit the hardest though.

~~~
UncleEntity
Or in 8-14 years they have a critical mass of people who grew up being tracked
24/7 that they just shrug and say "1984? You mean like that weird Apple
commercial from, what, the Super Bowl or something? And yes, please pass the
Soma."

------
mhb
Big Brother on wheels: Why your car company may know more about you than your
spouse:

[https://news.ycombinator.com/item?id=16299464](https://news.ycombinator.com/item?id=16299464)

