Andrea Amico explains to Alex Kreetzer the importance of privacy within in-vehicle infotainment systems. 

Andrea Amico has been the President of Jack Cooper Logistics for over seven years. During that time, Jack Cooper has handled many millions of cars, including inspecting many lease-end vehicles, rental vehicles, and fleet vehicles. It was during a routine inspection of one of its used vehicle yards two years ago that Amico noticed that a large portion of these previously-owned vehicles still retained the private information of their users in the infotainment systems, such as home address, garage codes, contacts, calls, and in some cases even text messages. This worried him, as anyone who bought these vehicles was potentially a few clicks away from accessing this kind of data. Amico realized how easy it would be for an ill-intentioned person to create a dossier of information for each vehicle, such as who owned the vehicle, where they lived, where they worked, which pharmacy they went to, which schools their kids attended, who they called, and many other personal details - a discovery that became rather haunting for Amico. "There is a lot of data out there and in many cases it’s not hard to build a very accurate picture of the people who had used the car," he said. "When we started to show to industry insiders some anonymized dossiers we had compiled using data we accessed from used vehicles, and started sharing some early statistics on how frequent this privacy issue was, people were stunned." 

Andrea Amico

Amico is a part of the International Automotive Remarketing Alliance, an association of executives involved in the wholesale auto industry who acquire and sell millions of used vehicles every year. When he brought up this issue to the group, IARA immediately realized this was an important yet little understood issue, so they asked Amico to take the reins on this topic – something Amico enthusiastically agreed to. In the summer of 2017, IARA sponsored a study and Amico enlisted the help of auto auctions and inspection companies in the US and Canada, which led to the realization that the majority of the vehicles still retained the information of the vehicle users as they were being remarketed. Given the magnitude of the issue, the industry turned to Amico looking for solutions as to how to solve or mitigate this privacy risk. The main challenge was that there is a huge variability in how In-Vehicle Infotainment Systems work, so finding a universal, simple and efficient solution was not obvious, nor easy. Amico explains that at IARA he looked at many different types of solutions: "We first went to some of the OEMs and asked them if the procedure to delete all personal information could be standardised so you wouldn't need different tools or procedures for each brand. However, this didn't seem to be a realistic path - especially in the short term - so we started to look at hardware-based solutions instead." This led Amico and his team to look at different plug-in technologies (both OBD-II and USB-based) that would allow the private data to be erased. While this approach was theoretically possible, for instance by using the OEM diagnostic equipment these tools are extremely expensive, not widely-available, and the reset procedure was often very time consuming and required specialized techs. Non-OEM procedures, while also theoretically possible, required to map how the personal information is stored in vehicles (which is not standardized) and most importantly risked to invalid the manufacturer warranty, which was clearly not viable. "Everybody understood that we needed to find another path to wiping the PII from thousands of different variations of designs and that we had to follow an OEM-approved procedure to do so”, says Amico. “At that time, nobody thought this was a pragmatically solvable problem… so I decided to take matters into my own hands,” says Amico. The concept of Privacy4Cars was born. 

From then on, Amico started to collect system data from many different vehicles to try to build an encyclopedic, car-by-car specific, how-to guide to wipe personal information from infotainment systems and garage door openers. He incorporated his findings into the Privacy4Cars app, available for download on iOS and Android, that offers users step-by-step tutorials to delete PII from modern vehicle infotainment systems. The undertaking was a much bigger task than he first thought, as not only he had to map an almost endless variety of existing makes, models, years, and trims, but also had to constantly stay up-to-date with new models and new versions of the firmware for existing vehicles (something that is rapidly increasing with re-flashing and over-the-air updates). "It is quite the job, but we are committed to delivering a simple and inexpensive privacy solutions and are really happy that we already have a few automotive companies interested in pilots of the application with interest constantly rising,” continues Amico. “It is great that there is finally an interest on how to tackle this problem, as there really is no other simple and inexpensive solution to talking privacy and compliance concerns.” 

Finding the solution

The modern vehicle is progressively slipping into the technology-driven world, becoming a smartphone on wheels but, unlike the companies involved in the mobile industry that use state-of-the-art technology to secure the devices, the automotive industry has not yet caught on in terms of privacy-by-design solutions. It is so important for the industry to understand the serious issues that surround cybersecurity and the privacy exploitation from not just hackers, but normal people who access the vehicle. It can be extremely easy for somebody to access personal information from in-vehicle systems without the knowledge or the authorization of the PII owner. The fact that cars have a much longer product lifecycle than personal computers or cellphones poses an even greater challenge with keeping these systems updated and resilient. For all these reasons, it is important to address the issue of privacy in vehicles as soon as possible, through creating an industry understanding and collaboration. "First and foremost, we are focused on awareness because, without it, you cannot drive this behavioural change," adds Amico. "I think that the topic of how much information is retained by systems and what it means for the privacy of people is vastly overlooked. Although cars are much more expensive than laptops or smartphones we handle used vehicles in a way that we wouldn’t dare do with our laptops or mobile phones." For example, when a customer returns his or her phone to a provider to replace it, the company will ask them whether they have backed-up or wiped-off the data before giving them a new handset. There needs to be the same mindset with vehicles – especially as they increasingly pack more sensors, collect more data, and are becoming more and more connected. It all comes down to awareness, as people do not realise how much data vehicles can capture. "As a consequence of this," says Amico, "there needs to be further education for consumers to understand what the data is and why they should care about it." 

The automotive industry is starting to understand the challenges surrounding customers’ personal information, but many are still not thinking about this throughout the early stages of design. Following serious cyber-attacks on vehicles, the automakers are looking to protect the vehicle itself, but are not yet focusing enough on protecting users’ private data. "We want to make sure that users are aware and responsible, as they are the first line of defence to protect their own data. But we also believe that, across the industry, there should be a second line of defence," says Amico. 

Early intervention

Although there is a worry around the amount of data that the host captures, there is also a huge issue with the emergence of mobility models which will accelerate the amount of data shared with millions of people around the world. Car sharing services allow customers to jump in and out of multiple vehicles and connect their data, which has the potential to become an even bigger privacy problem. One single shared vehicle may accumulate many layers of customer data. Sharing also makes it easier for ill-intentioned people to have unrestricted access to that vehicle and attempt to exploit the information. " What we see in our statistics for rental cars today, is that the more users who get into a given car, the more data is likely to be found," warns Amico, quoting a study he performed on over 600 rental vehicles that were being rented or resold, showing that almost all of them contained personal information of the renters. Mobility companies need to pay close attention to this unintended consequence of the sharing economy, as it may unleash significant risk and exposure in terms of customer privacy. 

Mobility services are great innovations that are transforming transportation, allowing customers to jump in and out of cars through applications on their phones. However, this means that customers may be even less likely to take time to delete their data from the vehicle before they leave it unless mobility providers find common ground and create processes and systems that encourage users to take action and make those actions simpler. Amico believes that there are a number of ways that you can design connected vehicles that enable privacy protections by default and encourage users to manage their personal data, similar to how people have designed other technologies such as websites and mobile phones. "If I don't know the pin for your phone, your personal information is locked away. This is a very basic example – but why can’t we start utilising these tools and design practices in the automotive industry?" he asks. Another possibility, if the car is connected, is to remotely send a signal to wipe the information after a certain user has accessed it. For example, General Motors announced to a fleet meeting they will start offering such a feature starting in 2019 if vehicles are subscribing to the company's networking package. "The statistics we compiled suggest that providers of in-vehicle infotainment systems haven’t put as much attention into privacy as maybe they should have; if this wasn't the case, we wouldn't have this frequent stranded data issue in the first place," says Amico. "I hope that these system providers will realize the importance of privacy-by-design and the rising interest in privacy from both the public and regulators, as the recent introduction of GDPR in the EU and the new legislation in California prove. " 

GDPR: where are we now?

At the end of the day, privacy within the vehicle is strongly linked to the regulations - or lack of - where governments can introduce new rules that govern private information found within cars. The General Data Protection Regulation (GDPR) has provided a law on data protection and privacy for all individuals within the European Union. This is a step forward in terms of general privacy, and although the regulation doesn't specifically mentions vehicles, it surely applies to them. "The AutoAlliance itself recognized in 2014 that some car data – like that collected by infotainment system – is sensitive and private, so it’s easy to argue it would fall under the protection of GDPR" says Amico. "I think many industry insiders realize the whole automotive sector could get under scrutiny if we don’t act to introduce stronger protections.” 


Over the next few years, the wider industry should address the privacy issues rather than let it take a backseat as the entertainment aspects of the connected car are developed. Although businesses operate on profit, privacy is a huge issue that needs to be addressed before everyone's data is at risk. "I don't think that there is anything wrong with companies trying to make a profit and I think it's great that we are seeing more mobility services and autonomy being implemented. The promise that these services carry is wonderful: reducing accidents, congestion, and pollution. This doesn't mean that privacy has to take a backseat. I think that companies across the entire ecosystems including dealers, fleets, auctions, auto insurance, and of course automakers may realize privacy can be a desirable feature for current and future customers: many people care about what companies are doing with their data, so being thoughtful in the area of privacy may yield greater sales and profits.” " It is all about finding the right balance between launching new mobility features and infotainment technologies and the security and privacy implications behind them. "I firmly believe addressing privacy is in the best interest of everybody. Analysts project the connected car industry to boom to hundreds of billions of dollars… but we must remember the precondition to that opportunity is that users need to share their data and trust it will be handled appropriately and will be protected" adds Amico. "I created Privacy4Cars, and the Privacy4Cars app, with a clear social mission: to address vehicle privacy issues when there was no solution. Frankly, if IVIS start implementing privacy-by-design features and our App becomes obsolete, I’d be happy, as I would have changed the industry for the better. That’s the job."  

You may also like:

Don't miss out

Be the first to know about the latest news in the automotive and transportation industry, through our weekly mailer and bi-monthly publication: New Mobility Visions.

New Mobility | Visions | Three6Zero Limited © 2018