Once Your Car's Connected to the Internet, Who Guards Your Privacy?

As soon as cars are connected to the Internet, there’s no such thing as 100% safe

hacking connected car
Credit: Thinkstock

Once mobile devices are connected to car infotainment systems and cars are connected to the Internet, vehicles will become a rich source of data for manufacturers, marketers, insurance providers and the government. Oh, and they'll be a lucrative target for hackers, too.

Unlike mobile device makers that use state-of-the-art technology to secure their devices, the automotive industry has generally been a technology laggard when it comes to privacy. The computer systems in automobiles, like so many other systems, may be built from years-old technology because of the three-to-five-year vehicle development cycle.

"Nothing dates a car quicker than the electronics. You can get into five-year-old luxury car and it... feels like a Nintendo game... compared to the experience on your smartphone," said Scott Morrison, a distinguished engineer at CA's Layer 7 Technologies.

With that in mind, Morrison believes cars, just like computers, need an opt-out capability when it comes to collection of in-vehicle data. That's especially true since there's little federal oversight on who's collecting what data from vehicles.

Carmakers already remotely collect data from their vehicles, unbeknownst to most drivers, according to Nate Cardozo, an attorney with the Electronic Frontier Foundation. "Consumers don't know with whom that data is being shared," Cardozo said. "Take Ford Sync, for example. In its terms of service, it says it's collecting location data and call data if you use Sync to dictate emails."

Ford then shares that data with business partners to improve service, "but that is so broad that you don't know what that means," Cardozo said.

Location data, which is routinely collected by GPS providers and makers of telematics systems, is among the most sensitive pieces of information that can be collected, Cardozo said. For example, if a company knows where your car is at any point in time, it knows where you live, what restaurant you're in and where you go to church. And, as Cardozo, points out, it also knows "if you're interviewing for another job or having an affair.

"Not having knowledge that a third party is collecting that data on us and with whom they are sharing that data with is extremely troubling," Cardozo said.

Dominique Bonte, a director at ABI Research, believes drivers should have to opt in before car companies can share data with any outside parties. Bonte pointed to GM as an example of why an opt-out model isn't good enough.

In 2011, GM's OnStar in-vehicle communications service began collecting data on users without permission. The strategy was designed to improve the OnStar service, but GM also shared that data with third-party suppliers.

"They failed to observe the most essential rule in privacy. They were forced to stop using the data," Bonte said.

Earlier this year, GM issued an OnStar privacy statement clarifying how it could use data collected from its in-vehicle service. The vehicle-related information it collects involves diagnostic data, odometer readings, estimates of remaining oil life, tire pressure calculations and information about collisions; it also includes driving information, such as vehicle location, speed, safety belt usage "and other similar information about how the vehicle is used.

"We may use information for any purpose or share it with any third party if we anonymize it so that it no longer reasonably identifies you or your vehicle," the OnStar privacy policy said.

Bonte said others in the auto industry are mindful of GM's high-profile mistake, so many automakers are now scrubbing the data they receive from in-car systems in order to protect customer privacy.

"This was a real industry pushback as a result of the mistake by GM. Now everyone is very careful," Bonte said. "They'd love to use the data... and there are so many use cases, including diagnostics to improve designs or prevent recalls by identifying faults at an early stage."

Who's watching you drive?

Ken Schneider, vice president of technology strategy at software security company Symantec, believes digital certificates will be key to providing privacy while also allowing crucial driving data to be gathered. That data can improve overall traffic conditions and the individual driving experience.

Modern vehicles, Schneider said, can have as many as 200 CPUs and multiple communications networks between internal computer systems. While most systems are isolated within the car, others are used to transmit data back to manufacturers, dealers or even the government.

"On the plus side, this data can make the user experience much richer and personalized because from one vehicle to the next, it will know all my settings and [be] able to integrate your car into your digital day," Schneider said. "The flip side of that is it creates risk."

To mitigate that risk Schneider said, companies such as VeriSign have issued more than a billion digital device certificates -- a Secure Sockets Layer electronic handshake -- over the past decade to ensure authentication of electronic communications.

"For example, a car has to know which cloud platform it's communicating on, and the cloud needs to know that it's the car it's supposed to be talking to," Schneider said. "The only way to know that is to have digital certificates on either side."

If not protected, in-vehicle diagnostics data could also be used by government agencies to track driver behavior. Nightmare scenarios could include traffic violations being issued without law enforcement officers on the scene or federal agencies having the ability to track your every move in a car.

Perhaps even worse, if it were possible to hack into onboard systems, malicious software could be downloaded to a car's computers, with potentially deadly outcomes. Among other things, a piece of malware could, for example, "tell the braking control system to suddenly activate," Schneider said.

"As there's more and more network communications going out to cars from manufacturers, over time that will become more of a risk," Schneider said.

Ultimately, he said, it will be up to each manufacturer to establish privacy policies and make them transparent. "A lot of this will be opt-in," Schneider said.

Even so, driving statistics can be anonymized and used to improve roadways. For example, analysis of vehicle tracking data could play a role in efforts to improve intersections where there are a lot of accidents.

The in-vehicle navigation service TomTom, for example, routinely provides anonymized information to police, Bonte said. "It can tell them where the riskiest places are where cars get broken into. That's useful for police patrolling," she said.

Smartphone car app data Thinkstock

"As soon as something is connected to your car, you risk someone getting their hands on that data," says Dominique Bonte, a director at ABI Research.

However, "consumers became very concerned that [such data] could also be used [to detect] speeding and other vehicle behavior," Bonte added. "TomTom had to be very clear they'd only provide anomymized, average statistical data and leave out names or types of vehicles."

As Bonte points out, however, "anything" can be hacked no matter what security measures are taken. "There's no such thing as 100% safe network," she said. "As soon as something is connected to your car, you risk someone getting their hands on that data."

The level of risk is increasing because the number of wireless connections to vehicles and the number of mobile devices people carry are both increasing daily.

Mobile devices are already being connected to vehicles through APIs such as Apple's CarPlay, Google's Automotive Link and the OS-agnostic standard MirrorLink. And more manufacturers are now offering in-vehicle Wi-Fi routers as an option.

As the automobile industry moves toward connected vehicles that communicate with one another and the infrastructure around them, vehicles are becoming wireless devices on wheels.

"Today, there's a much bigger risk of downloading viruses to your vehicle or suffering cyberattacks," Bonte said.

Schneider said Symantec is currently doing "a lot of work" with vehicle manufacturers to create security identity models that can be used to protect user information.

Electric car manufacturer Tesla Motors recently announced plans to sign up security researchers to hack its vehicles. The company plans to hire up to 30 full-time hackers to find vulnerabilities in the firmware of its vehicles.

Wearables go with you on the road

The fast-emerging wearables market, whose offerings include products such as Google Glass eyewear and smartwatches like the LG G Watch, Samsung Gear Live and the just-announced Apple Watch, is yielding a whole new class of products capable of transmitting user data.

With almost 54 million wearable devices shipped last year according to ABI Research, wearables have already caught the attention of the automotive industry. The first commercial launch of a wearables-compatible vehicle will be the 2015 Hyundai Genesis, which will be compatible with the Google Glass.

"It's a big problem. Security concerns have been around for desktops and smartphones for a long time, but all of a sudden the car industry has to take care of that same issue," Bonte said.

Some automakers have been demonstrating smartwatch-connected vehicles. That list includes GM, Volvo, Nissan, Mercedes and BMW.

But it's not just the car manufacturers that are hoping to get a glimpse into your driving habits.

Opt-in insurance programs, such as Progressive Insurance's SnapShot and State Farm's InDrive, use OBD-II dongles to transmit information about your driving habits in exchange for lower rates.

"They're trying to identify the 10% of drivers that are 10 times worse than anyone else. If you are one of those... they're going to tell you you're not welcome here," said Roger Lanctot, an associate director at research firm Strategy Analytics. "They're all trying to adopt that model."

The privacy problem goes beyond the confines of the car and has now entered the home, said Lanctot, noting that companies like Nest Labs, which is now part of Google, hope to offer systems that give people remote control of their homes' appliances and HVAC, lighting and security systems from the comfort of their cars.

He went on to note that other innovations that could be used to collect data include automotive cameras that will not just face outward, but also inward to support gesture-based interfaces that enable drivers to swipe the air with their hands to control their infotainment systems or smartphone heads-up displays.

"Cameras are also coming into cars, because autonomous vehicles will have to monitor the driver," Lanctot said. "Cameras are changing the game. Cameras have been fascinating to me because it's a relatively innocuous technology, but it's having a huge impact where third parties can suddenly see all around the car. For example, vehicle self-parking is the 900-lb. gorilla."

Access to your data?

Along with offering up access to your mobile data and insights into your Web-surfing habits, automobile manufacturers are interested in retrieving data from your vehicle's powertrain control module, also known as the engine control unit (ECU). The ECU controls and monitors everything from steering and braking to acceleration, and it can provide a valuable vehicle profile for manufacturers to improve products by determining flaws in current models.

The ECU is connected to various systems in a vehicle through the controller area network (CAN), another point of access to the car's inner workings.

As video cameras and sensors are added to vehicles to support new safety features, such as advanced driver assistance systems (ADAS), vehicle manufacturers are eyeing the use of Ethernet inside a car instead of the CAN bus, making car computers even more vulnerable to attacks because of the ubiquitous nature of Ethernet, Morrison said.

Ethernet is joined by about a half-dozen other in-vehicle communication protocols, such as LIN (Local Interconnect Network), MOST (Media Oriented Systems Transport) and FlexRay -- aimed at increasing bandwidth to and from the car as vehicle monitoring systems become more sophisticated.

Vehicle-to-infrastructure (V2I) and vehicle-to-retail (V2R) will be two of the most dominant segments of the connected automobile market over the next decade or more.

By 2030, more than 459 million vehicles will support V2I and 406 million will support V2R, according to ABI Research.

Vehicle-to-home (V2H) and vehicle-to-person V2P technology are expected to be in 163 million and 239 million vehicles, respectively, according to ABI Research.

High-profile examples of connected-car applications that will be part of the Internet of Things include Volvo's Roam Delivery service, the partnership between Mercedes-Benz and Nest on remotely controlling home thermostats, the Toyota-Panasonic effort to integrate cars with home appliances, vehicle-to-grid services from GM and Toyota, and Nissan's Nismo smartwatch, which tracks both personal healthcare metrics and vehicle diagnostics.

In order to fully unlock the potential of the automotive segment of the Internet of Things, it will be critical to address a wide range of barriers, according to ABI research. Those issues include concerns about security, safety, regulation and the lack of cross-industry standards.

"Everything that hits the Internet is not 100% safe. There are cyberattacks all the time," said Bronte said. "There's no such thing as a 100% safe network. So as soon as something gets connected, there's a risk that someone could get hands on that data."

This story, "Once Your Car's Connected to the Internet, Who Guards Your Privacy?" was originally published by Computerworld.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO Nov/Dec 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.