Automotive Privacy

Today, drivers want to be as connected in their cars as they are everywhere else. As vehicles – and the smartphones brought into them – become increasingly connected, automakers are taking action to protect the privacy of customer data.

Automakers' Commitment

To enhance privacy, 20 automakers that are now Auto Innovators members pledged to meet or exceed commitments contained in the Automotive Consumer Privacy Protection Principles established to protect personal information collected through in-car technologies. These principles, first developed in 2014, were reviewed again in 2018 and will be reviewed periodically to ensure that they remain relevant and robust. Read about the privacy principles here.

These Automakers Commit to:

  1. Provide customers with clear, meaningful information about the types of information collected and how it is used.
  2. Obtain affirmative consent before using geolocation, biometric, or driver behavior information for marketing and before sharing such information with unaffiliated third parties for their own use.

These comprehensive and groundbreaking Principles incorporate long-standing Fair Information Practice Principles and Federal Trade Commission Guidance to establish a set of baseline protections for consumer personal information used with connected vehicle technologies. By virtue of automakers’ public commitments, the Principles are enforceable under consumer protection laws. In 2018, automakers reviewed the Principles in light of evolving technologies and consumer expectations. Automakers concluded that the fundamental commitments of the Principles continue to provide appropriate protections for the personal information collected from connected vehicles and reflect the industry-wide commitment to be responsible stewards of information used for vehicle technologies and services. Automakers continue to monitor evolving technologies and developments in privacy protection, and they are sharing information on their privacy commitments with federal and state policymakers, as well as their customers. Automakers commit to periodically reviewing the Principles to assess whether they continue to provide appropriate protections for personal information.

Types of Data and Connected Consumers

Vehicles & Safety: Functioning of vehicle, including maintenance status, mileage, and operations.

Driver: Physical characteristics or how a person drives a vehicle (speed, seat belt use, braking habits).

Location: Precise geographic location of a vehicle.

Account: Personal accounts established by vehicle owner.

What benefits come from car data?

Technologies and services available today enable greater road safety through connectivity.

Automatic crash notification calls help assist vehicle occupants when needed.

Alerts about traffic conditions help reduce congestion.

Electronic security or smartphone applications help locate lost or stolen vehicles.

These features and more are important to automotive customers, and automakers are committed to providing these benefits to customers while respecting their privacy.


What data is captured in autos today and how is it used?

Today, different types of data are generated, transmitted, retained, or shared for different purposes, including the operation of the vehicle. These include:

Data generated in an auto, but not transmitted outside the vehicle, that is necessary for the operation of the vehicle: 
Within a car, computer systems constantly exchange data to ensure the smooth operation of the vehicle. From steering to braking, crash avoidance, and acceleration, dozens of onboard computers simultaneously share information as consumers travel down the highway. This data is not transmitted outside, or retained in the long-term computer memory, of the vehicle -- unless it is part of a subscription service, in which case owner consent is required under the Privacy Principles.

Data transmitted outside of the vehicle:
Certain functions can require the transmission of data outside the vehicle. For example, automatic crash notification systems transmit data so that emergency responders can be directed to crash scenes with information on the nature of the crash. Diagnostics systems may transmit data outside the car to identify potential maintenance issues.

Data transmitted into and out of the vehicle:
While basic navigation systems are only receivers for directions coming into the car, enhanced navigation systems both transmit and receive data from outside the vehicle so drivers can learn about traffic conditions and get directions. Trip information may be retained for convenient access to previously accessed destinations. For greater convenience, vehicles can also transmit and receive data so consumers can remotely monitor where their car is, remotely start their car, obtain vehicle diagnostics reports and access on-board information services.

Data generation that is required by law:
Certain vehicle data is required by law, such as data pertaining to emissions controls, on-board tire pressure sensors, and gauges. The government requires that event data recorders (also known as “EDRs”) monitor critical information about the vehicles in which they are installed, but this information is only stored for seconds at a time and constantly overwritten -- unless there is a crash and then the data (immediately prior to and after the crash) is recorded for use in analyzing the performance of the vehicle’s safety systems.

Data that is shared:
Technical data regarding such matters as warranty or safety is shared with authorized dealers, who also share this information with automakers. Data may be shared with affiliates for product development. Some information may also be shared for marketing purposes, but only with clear and explicit notice to the vehicle owner or registered user.


What do consumers need to know and do to protect their vehicle information and car data privacy?

There are a number of steps consumers should take to safeguard the information in their vehicles.

First, check with the automaker:
Within a vehicle, internal computers are constantly communicating with each other to operate the vehicle, and automakers work hard to safeguard this in-vehicle computer network to preserve the integrity of safety critical systems. However, not all data needed to operate a vehicle is stored or transmitted. Privacy policies associated with the vehicle system are available to consumers, and automakers encourage their customers to review them. Automakers may provide customer notices through a variety of methods, including online, owner’s manuals, paper or electronic registration forms and user agreements, and/or in vehicle displays. Consumers will also find information on how to delete certain data they stored on their vehicles.

Second, always ask about privacy policies and practices of relevant providers, including:

  • Wireless carriers: Many customers pair their mobile devices with vehicle-integrated systems, so we urge them to check the privacy policies of their wireless carriers prior to pairing their device.
  • Mobile app providers: When customers pair their mobile devices with vehicle systems, they may also access mobile apps and websites that have their own policies for customer review.

Data transmitted into and out of the vehicle:
While basic navigation systems are only receivers for directions coming into the car, enhanced navigation systems both transmit and receive data from outside the vehicle so drivers can learn about traffic conditions and get directions. Trip information may be retained for convenient access to previously accessed destinations. For greater convenience, vehicles can also transmit and receive data so consumers can remotely monitor where their car is, remotely start their car, obtain vehicle diagnostics reports and access on-board information services.

Third, always ask who wants vehicle data and why:
Many data miners, retailers and service providers want access to consumer vehicle data. For example, insurance companies seek access to vehicle data for setting individual premium rates. Some insurance companies only want mileage driven per year, while others may want much more information, such as driving behaviors like hard braking and accelerations, or even GPS locations of travel. Under the automotive Privacy Principles, consumers must consent to providing insurers with vehicle data.


Is there any personal driver information collected?

Personal information is collected but automakers are committed to protecting this data.

The most sensitive types of consumer information relate to geolocation (where the vehicle goes), driver behavior (such as vehicle speed or use of safety belts) and biometrics (physical or biological characteristics that identify a person). For each of these categories, the Privacy Principles require clear and prominent notices about the collection of such information, the purposes for which it is collected, and the types of entities with which the information may be shared.


What data does a consumer own?

Increased Internet use and smartphones have raised many questions about data and ownership.

For instance, a consumer owns a smartphone but not the proprietary system and data that make the smartphone work. As autos evolved into complex computer systems that generate, store, and analyze data, similar questions arose about data ownership related to vehicles. Here are the answers:

  • EDR data: Automakers affirm they obtain vehicle owner consent in order to retrieve EDR data. In some situations, vehicle owner consent is not required, such as the driver is injured in a crash and data is need for a law enforcement investigation or court order.
  • Infotainment data: Consumers can control the type of information they enter into the infotainment system, such as music and contact lists.
  • Personal subscription information: Consumers can control identifying information, including name, address, credit card numbers, telephone numbers, and email addresses.
  • Technical data: Automakers reserve the right to use technical data that is stored in, and relates to the functioning of, the vehicle.


What data can a consumer review or control?

Data from contract or subscription-based services:
Some vehicle systems and third-party providers allow vehicle owners and registered users to access historical data from a variety of subscription-based services, including roadside assistance, navigation, automatic crash notification, entertainment, and concierge services.

Data from in-vehicle diagnostics:
Some data may be accessed by consumers via password protected websites, report emails, and mobile applications, as well as on-board reporting systems or embedded touch screens. This data includes diagnostics and vehicle information on emissions controls, tire pressure, oil life, upcoming service needs and brake life. Driver behavior information can include vehicle speed, safety belt use and information about braking habits.


What data can a consumer turn off?

On home computers or smartphones, consumers can tell online advertisers and retailers that they want to avoid “tracking cookies” that retain Internet browsing information.

By contrast, automobiles rely on the on-board network of computers to function, and these systems cannot be turned off and still allow the vehicle to operate. However, vehicle owners and registered users have access to a variety of subscription-based services offered by manufacturers and third-party providers. Owners and lessees can opt out of subscription-based services or choose not to contract with certain vendors who seek access to various types of data.


What data can a consumer share with a third party?

In many instances, consumers have a choice.

For instance, owners and registered users can direct vehicle health reports and forward emails to their repairer of choice. If data is collected or transmitted by an automaker or third party, owners and registered users are informed of the collection of required data either at the point of sale or at the point of lease via the owner’s manual or through various service subscriptions upon registration or contract. Data is not tracked or shared without such disclosure. Examples of the types of data that consumers may share with third parties include:

  • Information necessary to diagnose and repair vehicles.
  • Vehicle “health data” such as emissions controls, tire pressure, oil life.
  • Driver behavior information such as average speed or engine throttle.
  • Subscription-based information and service options such as geolocation, navigation, automatic crash notification, and road-side assistance.


Why did the auto industry develop Privacy Principles and how do they compare to similar efforts?

Automakers take great pride in providing our customers with safe, reliable products, including data privacy and data security.

The Privacy Principles acknowledge that technologies and services in automobiles are increasingly designed to enhance vehicle safety, improve vehicle performance, and augment the driving experience, and many of these technologies and services rely upon information generated by vehicle systems. Sometimes, that information includes the precise location of vehicles or how drivers operate their vehicles. The Principles represent a unified commitment to responsible stewardship of the information collected to provide vehicle services.


To whom are automakers accountable?

Participating automakers agree to meet or exceed these Privacy Principles.

By publicly committing to this set of Privacy Principles, participating members become accountable not only to their customers, but also to state and federal regulators.


See More Initiatives

Main Initiatives