In California, local regulators with the authority to initiate investigations and proceedings in the field of confidentiality have announced their intention to review the data protection policy followed by car manufacturers.
This intention of the regional authority is part of a more global effort by California to ensure a high level of protection of consumers’ personal information. As part of the upcoming audit, regulators will focus on vehicles connected to drivers’ mobile phones to use infotainment systems such as Apple’s CarPlay or Alphabet’s Android Auto. Such cars have been connected to the Internet for a considerable period or permanently. This technical circumstance increases the risks associated with the security of confidential data.
On Monday, July 31, Ashkan Soltani, executive director of the California Privacy Protection Agency, says that modern vehicles are connected to computers on wheels. He noted that these cars can collect a huge amount of information that comes from applications built into interactive systems of autos, cameras, and sensors that track the actions of people both in the cabin and in the radius of monitoring devices installed on the vehicle.
Ashkan Soltani said that the agency’s law enforcement department will interact with car manufacturers to familiarize themselves with their practices of using and collecting consumer data. Special attention, he said, will be paid to how these companies comply with California laws aimed at protecting privacy.
The agency did not say which vehicle manufacturers it interacts with or plans to start interacting with as part of the audit.
Currently, there is a consumer protection law in California, according to which residents have the right to know what their data is collected by companies. Also, this law, adopted in 2018, allows citizens to demand the deletion of confidential information.
The California Privacy Protection Agency was created following the 2020 ballot initiative, which tightened the consumer protection law. Since July 1 of this year, the regulator has the right to find out exactly what information about residents of the state is being collected and delete the relevant data.
Over the past few years, the level of data collection in cars has increased. This is especially true in cases where users are encouraged to connect mobile phones to play audio materials, receive verbal instructions, and make calls in hands-free mode.
Location information, which comes from cell towers or GPS alarms, is in demand among firms wishing to offer their products to drivers. The practice of collecting this data in combination with the mechanism of web surfing and information obtained by brokers can eventually form a kind of remote report system on a person’s life, including details of some aspects of his personal being and work.
Car manufacturing companies often have vague privacy policies, including at the wording level. At the same time, California law requires maximum transparency in this area.
The media note that monitoring of data collection systems in cars is a sphere where California regulators, in a certain sense, adopt the experience of the European system of legal supervision, and do not act according to the instructions of Congress, which has not yet agreed on a national privacy law. Investigations that have been conducted in Europe have prompted vehicle manufacturers to disclose more information about data collection.
As we have reported earlier, Italy Accepts Data Portability Offer From Google.
