Today, drivers want to be as connected in their cars as they are everywhere else.

As vehicles – and the smartphones brought in to them — become increasingly connected, automakers are taking action to protect the privacy of customer data retrieved from connected cars.

In 2014, 20 automakers pledged to meet or exceed commitments contained in the Automotive Consumer Privacy Protection Principles, which were developed to protect personal information collected through in-car technologies.

View 20 Automakers

These Automakers Commit to:

Be Transparent Providing customers with clear, meaningful information about the types of information collected and how it is used.
Inform Customers Providing ways for customers to manage their data.
Take Heightened Action Obtaining affirmative consent before using geolocation, biometric, or driver behavior information for marketing and before sharing such information with unaffiliated third parties for their own use.


These comprehensive and groundbreaking Principles incorporate long-standing Fair Information Practice Principles and Federal Trade Commission Guidance to establish a set of baseline protections for consumer personal information used with connected vehicle technologies. By virtue of automakers’ public commitments, the Principles are enforceable under consumer protection laws.

In 2018, automakers reviewed the Principles in light of evolving technologies and consumer expectations. Automakers concluded that the fundamental commitments of the Principles continue to provide appropriate protections for the personal information collected from connected vehicles and reflect the industry-wide commitment to be responsible stewards of information used for vehicle technologies and services.

Automakers continue to monitor evolving technologies and developments in privacy protection, and they are sharing information on their privacy commitments with federal and state policymakers, as well as their customers. Automakers commit to reviewing the Principles no less frequently than every two years to assess whether they continue to provide appropriate protections for personal information.

Frequently Asked Questions

Why is car data collected?
Technologies and services available today enable greater road safety through connectivity.

Automatic crash notification calls help assist vehicle occupants when needed.

Alerts about traffic conditions help reduce congestion.

Electronic security or smartphone applications help locate lost or stolen vehicles.

These features and more are important to automotive customers, and automakers are committed to providing these benefits to customers while respecting their privacy.

What data is captured in autos today and how is it used?
Today, different types of data are generated, transmitted, retained or shared for different purposes, including the operation of the vehicle. These include:

Data generated in an auto, but not transmitted outside the vehicle, that is necessary for the operation of the vehicle:

Within a car, computer systems constantly exchange data to ensure the smooth operation of the vehicle. From steering to braking, crash avoidance, and acceleration, dozens of onboard computers simultaneously share information as consumers travel down the highway. This data is not transmitted outside, or retained in the long-term computer memory, of the vehicle -- unless it is part of a subscription service, in which case owner consent is required under the Privacy Principles.

Data transmitted outside of the vehicle:

Certain functions can require the transmission of data outside the vehicle. For example, automatic crash notification systems transmit data so that emergency responders can be directed to crash scenes with information on the nature of the crash. Diagnostics systems may transmit data outside the car to identify potential maintenance issues.

Data transmitted into and out of the vehicle:

While basic navigation systems are only receivers for directions coming into the car, enhanced navigation systems both transmit and receive data from outside the vehicle so drivers can learn about traffic conditions and get directions. Trip information may be retained for convenient access to previously accessed destinations. For greater convenience, vehicles can also transmit and receive data so consumers can remotely monitor where their car is, remotely start their car, obtain vehicle diagnostics reports and access on-board information services.

Data generation that is required by law:

Certain vehicle data is required by law, such as data pertaining to emissions controls, on-board tire pressure sensors, and gauges. The government requires that event data recorders (also known as “EDRs”) monitor critical information about the vehicles in which they are installed, but this information is only stored for seconds at a time and constantly overwritten -- unless there is a crash and then the data (immediately prior to and after the crash) is recorded for use in analyzing the performance of the vehicle’s safety systems.

Data that is shared:

Technical data regarding such matters as warranty or safety is shared with authorized dealers, who also share this information with automakers. Data may be shared with affiliates for product development. Some information may also be shared for marketing purposes, but only with clear and explicit notice to the vehicle owner or registered user.

What do consumers need to know and do to protect their vehicle information and car data privacy?
There are a number of steps consumers should take to safeguard the information in their vehicles.

First, check with the automaker:

Within a vehicle, internal computers are constantly communicating with each other to operate the vehicle, and automakers work hard to safeguard this in-vehicle computer network to preserve the integrity of safety critical systems. However, not all data needed to operate a vehicle is stored or transmitted. Privacy policies associated with the vehicle system are available to consumers, and automakers encourage their customers to review them. Automakers may provide customer notices through a variety of methods, including online, owner’s manuals, paper or electronic registration forms and user agreements, and/or in vehicle displays. Consumers will also find information on how to delete certain data they stored on their vehicles.

Second, always ask about privacy policies and practices of relevant providers, including:

  • Wireless carriers: Many customers pair their mobile devices with vehicle- integrated systems, so we urge them to check the privacy policies of their wireless carriers prior to pairing their device.
  • Mobile app providers: When customers pair their mobile devices with vehicle systems, they may also access mobile apps and websites that have their own policies for customer review.

Data transmitted into and out of the vehicle:

While basic navigation systems are only receivers for directions coming into the car, enhanced navigation systems both transmit and receive data from outside the vehicle so drivers can learn about traffic conditions and get directions. Trip information may be retained for convenient access to previously accessed destinations. For greater convenience, vehicles can also transmit and receive data so consumers can remotely monitor where their car is, remotely start their car, obtain vehicle diagnostics reports and access on-board information services.

Third, always ask who wants vehicle data and why:

Many data miners, retailers and service providers want access to consumer vehicle data. For example, insurance companies seek access to vehicle data for setting individual premium rates. Some insurance companies only want mileage driven per year, while others may want much more information, such as driving behaviors like hard braking and accelerations, or even GPS locations of travel. Under the automotive Privacy Principles, consumers must consent to providing insurers with vehicle data.

Is there any personal driver information collected?
Personal information is collected but automakers are committed to protecting this data.

The most sensitive types of consumer information relate to geolocation (where the vehicle goes), driver behavior (such as vehicle speed or use of safety belts) and biometrics (physical or biological characteristics that identify a person). For each of these categories, the Privacy Principles require clear and prominent notices about the collection of such information, the purposes for which it is collected, and the types of entities with which the information may be shared.

What data does a consumer own?
Increased Internet use and smartphones have raised many questions about data and ownership.

For instance, a consumer owns a smartphone but not the proprietary system and data that make the smartphone work. As autos evolved into complex computer systems that generate, store and analyze data, similar questions arose about data ownership related to vehicles. Here are the answers:

  • EDR data: Automakers affirm they obtain vehicle owner consent in order to retrieve EDR data. In some situations, vehicle owner consent is not required, such as the driver is injured in a crash and data is need for a law enforcement investigation or court order.
  • Infotainment data: Consumers can control the type of information they enter into the infotainment system, such as music and contact lists.
  • Personal subscription information: Consumers can control identifying information, including name, address, credit card numbers, telephone numbers and email addresses.
  • Technical data: Automakers reserve the right to use technical data that is stored in, and relates to the functioning of, the vehicle.
What data can a consumer review or control?

Data from contract or subscription-based services:

Some vehicle systems and third-party providers allow vehicle owners and registered users to access historical data from a variety of subscription-based services, including roadside assistance, navigation, automatic crash notification, entertainment, and concierge services.

Data from in-vehicle diagnostics:

Some data may be accessed by consumers via password protected websites, report emails, and mobile applications, as well as on-board reporting systems or embedded touch screens. This data includes diagnostics and vehicle information on emissions controls, tire pressure, oil life, upcoming service needs and brake life. Driver behavior information can include vehicle speed, safety belt use and information about braking habits.

What data can a consumer turn off?
On home computers or smartphones, consumers can tell online advertisers and retailers that they want to avoid “tracking cookies” that retain Internet browsing information.

By contrast, automobiles rely on the on-board network of computers to function, and these systems cannot be turned off and still allow the vehicle to operate. However, vehicle owners and registered users have access to a variety of subscription-based services offered by manufacturers and third-party providers. Owners and lessees can opt out of subscription-based services or choose not to contract with certain vendors who seek access to various types of data.

What data can a consumer share with a third party?
In many instances, consumers have a choice.

For instance, owners and registered users can direct vehicle health reports and forward emails to their repairer of choice. If data is collected or transmitted by an automaker or third party, owners and registered users are informed of the collection of required data either at the point of sale or at the point of lease via the owner’s manual or through various service subscriptions upon registration or contract. Data is not tracked or shared without such disclosure. Examples of the types of data that consumers can share with third parties include:

  • Information necessary to diagnose and repair vehicles.
  • Vehicle “health data” such as emissions controls, tire pressure, oil life.
  • Driver behavior information such as average speed or engine throttle.
  • Subscription-based information and service options such as geolocation, navigation, automatic crash notification, and road-side assistance.
Who can access this data and is it transmitted or shared outside the vehicle?
One of the hallmarks of the Privacy Principles is that each automaker will manage them according to their own systems, suppliers and vendors.

There are limited circumstances where automakers may share info with government authorities if required by court order. These are outlined in the Privacy Principles.

Why did the auto industry develop Privacy Principles and how does these compare to other similar efforts?
Automakers take great pride in providing our customers with safe, reliable products, including data privacy and data security.

The Privacy Principles acknowledge that technologies and services in automobiles are increasingly designed to enhance vehicle safety, improve vehicle performance and augment the driving experience, and many of these technologies and services rely upon information generated by vehicle systems. Sometimes, that information includes the precise location of vehicles or how drivers operate their vehicles. The Principles represent a unified commitment to responsible stewardship of the information collected to provide vehicle services.

Data and Connected Consumers

Types of Data

Vehicles & Safty

Functioning of vehicle, including maintenance status, mileage, and operations.

driver

Driver physical characteristics or how a person drives a vehicle: i.e. speed, seat belt use, braking habits.

location

Precise geographic location of a vehicle.

account

Personal accounts established by vehicle owner.

Vehicles Exterior

Image is not available

DSRC Radio: vehicle 
to vehicle and vehicle 
to infrastructure communication

Image is not available
Image is not available

DSRC Radio: vehicle to vehicle and vehicle to infrastructure communication

License Plate

Image is not available
Image is not available

Autonomous Vehicle Imaging and Scanning: LIDAR, radar, ultrasonic
sensors, or exterior cameras

Telematics Control Unit (TCU): interconnects CAN Bus and external systems

CAN-BUS: internal communication bridge between Electronic Control Units

Tire Pressure Sensors: short range radio, goes to radio receiver

Image is not available
Image is not available

Event Data Recorder: black box with accident data

VCrash Data Retrieval Unit: extracts EDR data

Third Party Monitoring Device: OBD-II or external device communicates with fleet operator

Image is not available

 

Vehicles Interior

Infotainment System: access entertainment and navigation apps

Vehicle Services: Links to, e.g., roadside assistance and preventative maintenance reminders

Smart Phone: connects to car viaBluetooth, Wi-Fi or USB

Phone-Projecting Software: mirrors apps from smartphone

Image is not available
Image is not available
Image is not available

Infotainment System: access enterainment and navigation apps

Smart Phone: connects to car viaBluetooth, Wi-Fi or USB

Phone-Projecting Software: mirrors apps from smartphone

Image is not available
Image is not available

Vehicle Services: Links to, e.g., roadside assistance and preventative maintenance reminders

Image is not available

GPS Unit: uses satellite to inform location, navigation

Image is not available
Image is not available

RFID Vehicle Tag: enables
short-range tracking

Cabin Monitoring System: monitors eye movement to measure attention

VIN Number: long-used unique vehicle identifier

Touch Sensors: detects driver fatigue through grip, pulse

OBD-II Port: interface to driving and operational data

Sim Card: connectivity point for transmitting onboard information

Wifi Network: enables in-car internet access

USB Plug-in: connects via USB port for power or data transfer

Key Fob: supports keyless entry

Image is not available
Image is not available