As vehicles and their users become more digitally connected, there are increasing concerns about how personal information is used and monetised. While the analysis of private data can (and will) improve safety for both drivers of smart vehicles and pedestrians, one of the questions raised at last week’s SMMT Connected 2019 event in London, UK was whether data protection efforts can keep pace with the rate of technological change and ensure that personal information is not misused.

At the biennial conference organised by the UK’s Society of Motor Manufacturers and Traders, John Lippe, director of city engagement at Ford Mobility Europe, provided one example of how Ford has been working with Transport for London (TFL), the government body responsible for the capital city’s transport system.

Lippe explained that Ford connected 160 Transit vans (20 of which were PHEV plug-in hybrids) and that these vehicles were monitored for three months on London roads, resulting in a significant amount of data being gathered and analysed. That telematics information was overlaid with TfL’s own data on road accident and fatalities.

“We found some close correlation with the way the vehicles were behaving and the historical data provided [by TfL],” said Lippe. “If we can correlate this we can use it as a predictive tool going forward, and we believe that is a practical use of vehicle data.”

[mpu_ad]Michael Hurwitz, director of transport innovation at TfL, pointed out that the body had a Network Management Control Centre that covered 2,300 lighted traffic intersections, information from which could be combined with anonymised metadata from vehicles to greatly improve the flow of traffic.

“It could show us that, at particular junctions there are antilock brakes being engaged more often, or this is where people are doing more severe movements on the steering wheel; all of this is core data that connected vehicles will collect. That is really helpful if your role is to try and keep the network moving.”

Rushing into speed controlsOn the question of whether autonomous technology should be used to control speeding, however, Andy Palmer, president and CEO of Aston Martin Lagonda, was in favour of other means. He said that “populist policies” on speed control across the EU were more a cause for concern at the moment.

“The move by authorities to legislate in autonomous technologies before they are mature is worrisome,” said Palmer. “In the UK the emphasis should and must be on eliminating driver error by distraction. But instead, recently imposed European legislation has focused on speed control. Speed-limiting technology carelessly applied will increase accidents through driver distraction.”

He added that wholesale adoption of this speed control technology without a working 5G network or a properly integrated mobility infrastructure was reckless. “If you want to deploy autonomy, let us do it in a sensible and controlled way through level four [fully autonomous] technology so it is integrated with the technology around you,” he said.

Leaving aside the issue of speed controls, Ford’s Lippe said that more correlation of vehicle and transport authority data could provide a sophisticated predictive tool for planners, emergency services or highway authorities, enabling them to deliver future safety policy.

Hurwitz added that TFL also has an “extremely productive” arrangement with the Waze routing service to support its control centre. “Sometimes if Waze has registered a crash or accident it is quicker for us to see it [through] that application than via the emergency services,” he said. “That has been on a non-monetary basis.”

Protecting personal dataThe problem in the UK is that wider adoption of data sharing relies on the willingness of carmakers and other private stakeholders. TFL has no legal power to get in-car data from the OEMs or mobility service providers and many are reluctant to provide it, according to Hurwitz.


Andy Palmer, president and CEO, Aston Martin Lagonda

OEMs are concerned about sharing telematics data from a personally owned vehicle, though there are ways to anonymise and aggregate it. Nevertheless, given the amount of personalised digital services now located in what is basically a smart phone on wheels, there is a need for data security to be built in from the start.

“We have to be very careful because if we oblige people who are buying a new car to buy in to a system where they are not going to know what is being done with their data,” said Anne LeFrance, partner at partner at law firm Squire Patton Boggs and co-chair of its Data Privacy and Cyber Security Practice. “Obviously there will be legal issues but there will also be customer issues over testing the system.”

Peter Leavy, group head of connected car propositions at Vodaphone Business said that it was crucial to clearly differentiate between data uses. That must include distinguishing between what data is essential for driver safety, what data is essential for the driver and their connectivity, and what is for commercial purposes.

Jonathan Bamford, director of strategic policy at the Information Commissioners Office, the UK’s independent information rights body, pointed out that public confidence in information sharing has already been shaken by controversies such as the Facebook/Cambridge Analytica data scandal.

At the same time, companies using such personal data rely on it for the success for their business. “Our personal information has become the lifeblood of these companies and so it is up to us to work together and inspire public trust in how that information is used,” he stated.

Custodians of informationBamford said it was important to identify the ‘custodians’ of personal information. The consumer needs to understand exactly which organisations they are sharing information with and what exactly it is that those organisations are doing with their personal data, especially if using a multimodal transport platform involving any number of service providers. Moreover, the individual consumer must have some degree of control.

“I would say with concepts such as privacy by design, controls should be built in at the outset,” he said. “Innovators should not be thinking of privacy last, [they] should be thinking of privacy first and building it in from first principles not as a bolt-on at the end of a process.”

Bamford reminded delegates that the EU’s General Data Protection Regulation 2016/679 (GDPR) that provides a legal framework for data use and privacy includes measures designed to make companies accountable while also putting in place codes of conduct.

“If you want joined-up vehicles you need joined-up companies thinking about this,” said Bamford. “I’ve heard it said that personal data is ‘the new oil’, so let’s not have an Exxon Valdez or Deepwater Horizon.”

Another concern for those in the smart mobility sector is to ensure that anxiety about data protection does not stifle innovation and the potential for greater safety and a customised user experience in the vehicle.

As Bamford explained, data protection provides safeguards but is not necessarily ‘a handbrake’ on business. “It is not [a case of] privacy or innovation, it is privacy and innovation; both are possible,” he concluded.