Hacker News
Is your connected car spying on you? (bbc.co.uk)
40 points by joosters on Nov 5, 2014 | 46 comments



"All the data we collect is anonymous and we only sell anonymised data."

But there have been numerous violations of such "anonymised" data that caused the identities of the people ostensibly protected by this anonymization to be revealed.

There is ongoing research into how to make more robust, mathematical guarantees of anonymity in such datasets. Until this research comes to fruition and becomes widely deployed in industry (something that's probably decades away), I would not take much comfort in assurances from industry reps that the data the companies they represent collect or release are "anonymised".


This post has some threads to pull for people wanting to get a picture of the research:

https://freedom-to-tinker.com/blog/randomwalker/no-silver-bu...

The post takes a negative view on anonymised data, but there are credible comments on both sides of the discussion.

(I posted it here a few months ago: https://news.ycombinator.com/item?id=8010061 )


> Until this research comes to fruition and becomes widely deployed in industry (something that's probably decades away), I would not take much comfort in assurances from industry reps that the data the companies they represent collect or release are "anonymised".

Even if the technology existed I would not rely on it being deployed and used correctly: 1) There is no incentive to do it because there is little penalty if they fail; and 2) IT security in general is completely unreliable; why would this be any different?

The only secure data is data that doesn't exist. Already there are government agencies that automatically delete internal communication (e.g., emails) within 30 days. If that's important for the security of their government data, which arguably should be open, why isn't it done with my data, which should be private?


"Already there are government agencies that automatically delete internal communication (e.g., emails) within 30 days."

Or they claim to have deleted it. And maybe, technically speaking, it has been deleted from their servers. But by then, who knows where it's been copied to. By then it might be on systems completely out of their control.

I think you hit the nail on the head: "The only secure data is data that doesn't exist."

No guarantees or assurances from the corporations or the government can change that.


The fun part is, in a couple of years it basically won't be possible to drive a car (on a public road, anyway) that isn't "connected." If the legislators don't bring this bold new tomorrow down on us, the insurance companies will do so on their own.


About six months ago I bought a VW with their "CarNet" integration. I am concerned about my car relaying information about where I go and how I drive - at a minimum, I know that it notifies the dealership when I cross over a 10,000 mile boundary because I've received an email reminding me to take it in for service. I've tried to find a way to disable it, but I can't find anything online or in the user manual.

I suspect that this story will become more and more common - ordinary people buying cars equipped with such systems that are unaware of the privacy implications.


Two choices:

1) If this is a Volkswagen option/standard item (as opposed to a dealer option), its operation and installation should be documented in the Factory Service Manual. They're expensive, but will show you how to assemble, disassemble, and repair every part of the car.

2) Go to the vwvortex forums and search/ask on there how to remove it, assuming again, that it is not just a dealer add on, and it is a factory option.

http://forums.vwvortex.com/forumdisplay.php?5001-VW-Model-Sp...


It is a standard piece of equipment that shipped with the car from VW. After I posted my comment earlier, I decided to do another search and I found this thread:

http://forums.vwvortex.com/showthread.php?7020025-CarNet-Que...

I found the box under my passenger's seat, unplugged the pink tipped cable, and now my CarNet light is red. Fortunately this did not also disable Bluetooth connectivity or anything else that I can find.


Awesome.

No matter how obscure the car, there's a forum of enthusiasts out there for it, and that's the first place I always check for information.


The typical solution is to unplug something (on older OnStar systems, the antenna; I guess this has gotten harder as the antenna gets harder to find).


> The typical solution is to unplug something (on older OnStar systems, the antenna; I guess this has gotten harder as the antenna gets harder to find).

Does that void the warranty on your car, or some part of it?


I have no idea.

Typically in the U.S., such decisions have gone to owners (so they can't require dealer service in the warranty: http://www.consumer.ftc.gov/articles/0138-auto-warranties-ro... Complexity has sort of created a situation where you go to the dealer anyway, but they can't deny the warranty just because you obtained proper service elsewhere)


Are you 100% sure it wasn't coincidence?

I don't have a connected system [e.g. it doesn't report anything because it's a certified used car I got for $11k where damn near everything is manual :P] but the dealer was able to guesstimate within a few months of when I would hit the mileage amount I'd need to take it in for service.


100% sure? No. However, I got the email a day or two after I crossed 10,000, about 5 months after I bought the car, which is a bit sooner than average I would imagine. It's also one of the advertised features of CarNet (http://www.vw.com/features/vw-car-net/)


Ah, well if it's an advertised feature it isn't like you weren't informed. I was thinking you thought it was something shady they snuck in w/o your knowledge.


Our VW stealership does the same thing. My wife gets emails and mailers when her car is near its next appointment based on estimated driving.


Have you read the EULA? ;)


I am really worried that insurance companies will push for those tracker devices for everyone. If they simply make insurance policies without the trackers twice as expensive as ones with them, they will quickly become widespread, and this surveillance will become the norm. I hate this and I dread the day when it happens.


You should hold out hope that for every company which does this, there will be one acting with your privacy in mind and offering lower rates without the possibility of collecting your data.

I think the Snowden revelations have had a huge impact on how people view their privacy now.


And your car leaks information that can be used to create a GUID: http://www.reddit.com/2kj10q/


"At the time, chief executive Harold Goddijn promised his company would prevent the data being used in that way again."

This is the crux of the issue. Companies will continue to reap the financial benefits of selling the information and then back off if they get caught.

This is a very dangerous game of, "It's easier to ask for forgiveness than for permission"


A "promise" by a CEO about what his company will or won't do in the future is completely worthless.


That reminds me of a Ford exec that said: 'We Know Everyone Who Breaks The Law' Thanks To Our GPS In Your Car

Read more: http://www.businessinsider.com/ford-exec-gps-2014-1


Sometimes when I rent a car I'll poke around in the navi and sync menus. I often can see where people went in the car before from the nav history and you'd be surprised how many people sync their address book with a rental car!


There will be an interesting battle in the future for the Car Data. Will it be the manufacturer or the services available in the car which will own the data?


The owner of the car is and should stay the owner of the data. He should also be able to decide what and where to put his data, at any time.


Indeed.

One of the more dangerous potential outcomes of all this data recording and telemetry is that everyone winds up with a black box monitoring their driving full-time, which becomes de facto obligatory because you can't get something mandatory such as insurance without it.

Then, because there are exactly zero perfect drivers in the world, every driver becomes subject to effectively arbitrary fines and/or increases in their insurance premiums, providing a convenient revenue stream with a captive market for both big businesses and governments.

In an ideal world, such monitoring could instead lead to official recognition that no-one is perfect but interventions should be aimed at people with a sustained pattern of risky behaviour or deteriorating driving standards rather than immediately penalising a driver who made a small mistake and was unlucky to be in front of a camera at the time. But sadly I have little faith that anything so constructive would ever actually happen, given the track record of the government, the police, and the insurance industry in my country when it comes to abusing new technologies and outright lying about what they are doing/going to do. :-(


No, you should immediately punish bad driving but the punishments can be much lower.


The trouble with that argument is that every driver is guilty of "bad driving" at least momentarily from time to time. What good does it do to punish someone who is reasonably skilful, reasonably responsible, but only human?

The inconsistency and selective enforcement is part of the problem here. If our driving laws were routinely and universally enforced to the letter, with every infraction punished as the law provides, then there would be no-one left entitled to drive within a few weeks and the absurdity of the system would be clear for all to see.

As it stands, there seems to be an element of lottery: I know plenty of people who are basically responsible drivers but have picked up the odd ticket for doing 35 past a camera at the bottom of a hill or something, and I also know plenty of people who I literally won't ride with any more on account of their crazy driving yet who have completely clean licences. Evidently the system is not currently effective at promoting safer, more considerate driving, which in the end is what it should be doing.


I assume that you're a software guy so I would hope that you would naturally understand the benefit of simplicity. Let's assume that a speeding ticket currently costs $200. What percentage of speeding instances do you think are currently fined? I'm going to guess far less than 1%. That means you can lower the fine to $2 per instance or probably much less and still be meting out the same expected punishment for speeding.

The goal of this fine is not to partition drivers into good and bad drivers. It's to incentivize good driving. Yes, good drivers are going to get fined occasionally but it will be a very small fine. Why try to make a more complicated rule that never fines "good" drivers? That will sometimes lead to drivers who decide to speed this once because it's free.


> Yes, good drivers are going to get fined occasionally but it will be a very small fine. Why try to make a more complicated rule that never fines "good" drivers?

For one thing, any law that inherently penalises innocent people for a crime they did not commit is abhorrent to me. The scale does not matter. This is simply a basic principle of justice and fundamental to the state having any moral authority to enforce any law at all.

Even were that not the case, you have to deal with the practical problems of overheads. What are you going to do when someone inevitably disputes their $2 charge? Either you have a punishment without any due process at all, or you incur vastly disproportionate expenses prosecuting a case in court, or you cause the innocent person vastly disproportionate damage contesting their guilt. None of these is an attractive option.

You also have to deal with the practical problem that any such system will be cracked very quickly, and the worst drivers will be the ones most likely to get away with it.

My views have somewhat softened on technical driving offences over the years, in that I accept as a practical matter that having a black and white definition of what is permitted removes wriggle room for bad drivers who might otherwise tie the system up contending that their actions were not in fact dangerous or otherwise inappropriate. Nevertheless, the goal of road traffic laws should be to take the dangerous or inconsiderate off the road, and it is not always the case that things like exceeding a speed limit or driving through a red light necessarily have (or have any significant potential to have) actual negative consequences.

So while the laws prohibiting these actions are a pragmatic choice, it is not one that has any inherent moral basis to me and already one that sometimes prohibits perfectly reasonable actions that a responsible driver might otherwise perform. Abusing such laws so that even those who try to comply with them, while also driving safely and considerately, are still victimised is a big step too far in my book. And of course the systems we're talking about might not only be used to enforce technical laws to the letter, but could also be used to provide wriggle room for insurance companies after an incident.


The innocent until proven guilty approach to traffic violations is already a farce. If you have a job, it costs more to dispute a ticket than to pay it. I'm in favor of changes to the legal system that would allow rapid turn around in low stakes cases. Start with something very informal and quick and have an appeals process where the loser pays.

Cracking the local monitoring device can be disincentivized just like speeding. If an officer sees you speeding and you're not self reporting it, bam. Bigger offense.

The thing about more effective enforcement in any setting is that it can increase justice (lower the lottery effects) but it makes it that much more important that you got the laws right to begin with.


> The innocent until proven guilty approach to traffic violations is already a farce. If you have a job, it costs more to dispute a ticket than to pay it.

Yes, it is, and that situation is a real problem for some people, such as someone whose car registration has been cloned, resulting in a whole series of tickets about something like the London Congestion Charge even though they live in the north and haven't been as far south as London in years.

That is why I am personally in favour of courts defaulting to awarding realistic compensation to successful defendants in all prosecutions, combined with the abolition of automated fixed penalty notices generated by any sort of machine.

Basically, if something is serious enough to merit a criminal prosecution, I think the authorities should show up with real evidence and if necessary real police officers as witnesses, make a proper case in court, and suck it up if they bring too many cases that fail and it costs them a lot in compensation. I think there is considerable merit in the argument that anything where you don't feel such a comprehensive response is justified and instead resort to some sort of automated penalty regime and mass punishments shouldn't be dealt with through criminal proceedings at all. (Edit: The flip side of this is that if a police officer pulls you over and in court you really are then found guilty of, say, driving at dangerous speeds, don't expect to get away with 3 points on your licence and a token fine. Only prosecuting serious offences cuts both ways.)


> What good does it do to punish someone who is reasonably skilful, reasonably responsible, but only human?

The self-driving car industry will benefit from that.


A profit-driven insurance company will of course use every means at their disposal to get out of paying out. That includes using every piece of information that might compromise your claim. Like the telemetry your own car is supposed to be keeping.

And further, how on earth can we even know they aren't lying? If the telemetry is kept remotely by some Other profit-driven corporation, and delivered to their buddies at the insurance company.


It is not connected, but every new car in the US is already required to have an event data recorder that in a collision saves at minimum such information as speed, throttle position, whether the brakes were applied, and whether the driver was wearing a seatbelt.


Do you still believe in Santa Claus? :)

EDIT: The point is: The data from the Car is very valuable for lots of parties including the Manufacturer and suppliers.


Do you still believe that spreading your data without any control throughout the world will make you safer in the end?

What happens with and in a car is highly private and I wish that to remain as it is.


That's not the point. The point is with connected vehicles you have to share your data if you want the car to drive itself, navigation, services from Google, auto parking etc... There is no way you will own that data.


Why not? Why can't there be a solution where you own and control your data to the full extent?

Load an offline map, drive to your location, park done.

Car GPS have done this for ages. I can't see why your future self driving car shouldn't be able to do the same.

Heck, even if you download a current update of the traffic around you over the air, privacy _could_ be baked right into the product.

It's not that we couldn't. It's waaaay more easy just to integrate your favorite cloud based engine, I see the pluses of that, but I also see the big big minuses attached to that.


Your fatalism is a self fulfilling prophecy.

I don't know much about it, but HIPAA seems to be an example of legislation that at least tries to address personal information (in a way that protects the individual...).

I guess it is even fairly easy to sketch out a set of rules. Something like no aggregation of data prior to an explicit opt in, a prompt and clear method of turning off the aggregation and a way to obtain any data that is being retained, along with toothy fines for violations.


I agree with your general sentiment, but what happens with a car is decidedly not private. You are on public roads and more importantly, your driving affects the safety of others.


I fully agree that the safety of my driving affects others. But that doesn't mean that the future car must be connected nonplusultra at all. I can safely drive as if it was 1999 (or say 1990) and all I leak in data is the visual appearance of my car, the number plate and maybe how many persons are riding in that car.

But where I go when and where and how long I stay there etc. etc. is none of the business of any vendor, any navigation company or any other SaaS out there running to enhance the future of driving.

As long as we can opt not to choose, it's all fine, but as soon as I can't buy a new car anymore without all being connected and monitored (remember the voice feature here on HN about the Samsung Smart TVs leaking your private data like hell?).


I notice the consumer isn't a choice.


Tl;dr version: Yes we can, but we "promise" not to.


Huh. From the title I would have guessed this was a Wired article.



