> Today’s car has the computing power of 20 personal computers, features about 100 million lines of programming code, and processes up to 25 gigabytes of data an hour.
McKinsey doesn't cite any sources. But more importantly, processing 25 GB/hour is not exactly the same as collecting it. The latter, in the context of this article, is definitely trying to imply that the data is stored in some sort of semi-permanent record. So, the piece is at least a little disingenuous. That said, I agree with the premise that to the extent data is saved, it should belong to the vehicle owner, not the manufacturer.
Tangent: "the computing power of 20 personal computers." What are they trying to say here? I've got a 2017 Chevy Volt and 2016 Mazda CX-9 and I'd be shocked if there were half that much computing power between the two of them. Maybe they are trying to say there's 20 CPUs among the various systems in a modern car? Still that seems like a lot.
7MBps sounds alright for anything consuming even a single source of video. It might process that locally (lane departure, auto braking, auto pilot, etc.) and just upload the usage (e.g. how many times in the month you departed lane).
Processing also means it passed through the system. If I use the camera app on my phone, and it shows me a real-time video of what the camera is seeing, all that data is "processed" even if I'm not actively recording or taking a picture at that moment. It's not saved, it's just passed through and discarded. That's not nothing, because there's the possibility of it being collected, but it's not exactly the same either.
Also, no way in hell a car has even the computing power of one PC.
I used to do embedded systems for the industry on the software side (dashboards, door locks, keyfobs, etc). It's true that basically anything you consider a component has its own integrated CPU; it's also an extremely weak CPU.
PIC-16s and similar were the CPUs mostly used. We're talking 1MB of RAM, sub 50 MHz chips. There might be 100 of these, but that's still less computing power than a single mid-range CPU will give you these days. Sure, there are some more powerful CPUs in certain components, but none of them will even approach a desktop CPU.
I think it's a bit of a misleading statistic, as most of that data being processed is probably just all kinds of sensors and diagnostic readings, so pretty dull stuff.
If I'm a pedestrian getting my body filmed, 3D-scanned, with potential facial recognition and internal-organs-penetrating sensors added on top, _I'm_ the one who should own that data (and the right to not consent to its collection in the first place). Why are people weirded out by some Google Glass-wearing rando filming them on the sidewalk but ok for everyone behind a wheel to be suddenly promoted to a CCTV omnisensing recorder?
>Why are people weirded out by some Google Glass-wearing rando filming them on the sidewalk but ok for everyone behind a wheel to be suddenly promoted to a CCTV omnisensing recorder?
Pedestrians are promoting dense and walk-able cities, environmentally sustainable transportation, healthy lifestyles and are generally virtuous. Drivers are wasting space, killing the planet, promoting a sedentary lifestyle and are generally evil.
Yes I'm being a bit absurd and over the top here but the point is that most people aren't disciplined enough to stick to their principles when a group they don't like is the one getting screwed.
> most people aren't disciplined enough to stick to their principles when a group they don't like is the one getting screwed
For most people, it's hard to keep out of group-think mode 100% of the time. It's especially hard to do when emotions are involved. As a consequence, most are only too happy to screw the members of the groups they don't like.
This is why one should stay away from politics where one is labeling another group as inferior or bad, based on how they were born, or based on what they believe. It's better to convince than to condemn.
I think it is even simpler than this in that most people don't realize they are being tracked in this way. It is easy to seem hypocritical when you are simply ignorant of a potentially parallel case.
You will absolutely get into some kind of trouble (social or legal) if you put a camera on a sidewalk and start filming whoever goes by. On the other hand CCTV cameras don't receive any flak. Society is usually not obviously consistent about privacy matters. The ultimate determining factor is what seems creepy vs what is necessary. So it's entirely possible that some societies might decide that the video taping done by self-driving cars is sufficiently creepy to ban.
No you won't, I've had a camera mounted on my house for years with no issues, I did this when my car got hit by a neighbor and I had to chase down camera footage from a CCTV camera operated by a home builder down the street, having that footage was the only way they were held responsible for it, as after initially admitting to it they later decided they didn't want to pay. Many people also run dashcams for insurance purposes, perfectly legal.
Personally I find devices that record locally or to user-owned services perfectly fine, keeping local recordings on your dashcam's SD card, awesome, keeping your home recordings on your NVR, NAS or private server, that's okay, but sending that to corporate or government owned services is generally bad. There's a limit to how much an individual can do with the data they record from a few places they own, their car, their house, etc. There's no limit to how much abuse a large entity can do with that data, facial recognition and more computing power than they know what to do with.
Drawing this line legally however is... extremely challenging.
The reality is what we have here is a tradeoff between freedom and security with any individual CCTV camera. Those are both valuable things in their own right and such tradeoffs should be made carefully.
When we then hand that data off to a corporation or government entity, that tradeoff looks very different - now they have access to thousands if not millions of sensors. The freedom implications become much higher and the security is often replaced with things like "how good is our traffic data?", "how can we improve our self-driving system to sell more cars?" or "how can the Chinese government bust more Muslims?". The aggregated result is rarely worth it.
This is a bad attempt to ridicule the issue. Obviously we're talking about data here that is processable by third parties. Nobody but you can get (reliable) data out of your brain, but pictures of you or information about you kept on recording can be used by third parties for everything ranging from policing to advertisement or anything else.
In Germany for example Google Streetview is mostly not available, because a significant percentage of people considered it unacceptable and have the right to opt out of it, and the company has to blur faces, houses, addresses and so on.
It's not processable by third parties? If you tweet that you met me at a conference and then someone else tweets that you saw me at the airport, etc. now people can't use that to infer my location and travel patterns? You're just drawing the line conveniently where you can violate my privacy while simultaneously claiming the higher ground.
I hope your friends treat you with the fear that they should considering you seem to believe that their private information is not "processable by third parties" and therefore probably treat it with no discretion whatsoever.
> We know our smartphones, Nests and Alexas collect data, and we’ve come to accept an implicit contract: We trade personal information for convenience. With cars, we have no such expectation ... What carmakers are doing with the collected data isn’t clear.
At least Tesla has demonstrated that their data collection is for training their full self-driving capability. That represents tremendous end-user value, in my opinion.
To me, this NY Times article is an argument that smartphones and smart agents should exfiltrate less data than they do. It's the purported end-user value of smartphone and smart agent data collection that I find less credible. Yes, they should collect data, but it's quite unclear why so much of the data needs to be hoarded and used by cloud motherships. That data can be stored and worked with on-device; the premise that on-device computation is too limited is just flimsy.
Frankly the value of smart agents as a whole is a bit murky, especially when lined up against full self-driving cars.
> At least Tesla has demonstrated that their data collection is for training their full self-driving capability. That represents tremendous end-user value, in my opinion.
Musk has claimed that. Whether it's doing any good remains to be seen. Large amounts of data from normal driving are probably good for training lane keeping, but not that useful for handling emergency situations. Teslas are still running into crossing semitrailers after three years of "data collection".
Teslas upload about a gigabyte a month.[1] Here's some trip logging data, from 2017.[2] Trips are logged in straightforward XML. Other stuff, not clear.
> Large amounts of data from normal driving are probably good for training lane keeping, but not that useful for handling emergency situations.
The supposition I've seen is that they have models running locally to extract the most 'surprising' situations (for example, situations where the driver's inputs and the self-driving algorithm's differ substantially, or where other vehicles do not behave as expected) to send back to the mothership to train on. This would do a ton to improve their ability to deploy actual self driving in the future, and is far more than just 'normal driving' or 'lane keeping'.
Tesla has repeatedly made misleading statements about the ability of their systems, and has intentionally caused these crashes.
It is a very well known fact among people working in these fields that a half automated system is a disaster waiting to strike. Human-only controls require the driver to stay focused. Invisible enhancements (power steering) and enhancements used in emergency situations (collision avoidance braking) are just that - enhancements. Fully automated systems also work well. Half-automated systems like Tesla's, where the computer works 99% of the time, cause operators to get distracted - nobody concentrates on watching paint dry for hours on end - and then when the system fails everyone dies in a giant flaming fireball.
One can make excuses about how the exaggerated claims about the system's abilities were made by the marketing department (not engineering) or that it says in the manual to stay focused on driving the vehicle. But ultimately it's all BS. Because this:
> it’s always the driver’s responsibility to operate the vehicle.
Should have been this:
> it's always the manufacturer's responsibility to make a vehicle that can be safely operated.
And Teslas cannot be safely operated by any human when autopilot is on. There are plenty of people at Tesla that know this. And no, just because marketing went on a giant campaign to show everyone how Teslas drive themselves, does not mean that the organization as a whole is not responsible for those actions and for reining it in.
This is no different than Boeing repeatedly misleading the public and regulators about the safety of their planes over the span of many decades in order to shave a few dollars here and there on R&D/manufacturing costs. Boeing is as responsible for those deaths as Tesla is for the ones caused by Autopilot.
Unfortunately I disagree with basically everything you’re saying.
AutoPilot is perfectly safe if you look out the damn window while it’s operating. There are some disputed statistics saying that it is in fact safer on than off, even over the same type of miles. AutoPilot has in fact been safely operated for over a billion miles in the real world.
Drivers need to look out the window. It is not in any way difficult to maintain situational awareness while operating under AutoPilot for extended periods of time. In fact I find it easier to stay alert for longer periods of driving — that is, longer drives are less tiring — when using AutoPilot. It is in no way akin to “watching paint dry”.
The claim has been made that Level 2 autonomy is dangerous because of the ability for the driver to become distracted. This is actually true of all modes of driving, and relevant from Level 0 through Level 4 autonomy. Smartphones are often cited as the reason why driving death rate stopped falling for the last several years. Meaning distracted driving has killed thousands of drivers in that time. Distracted driving has also killed 3 people while AutoPilot was engaged. This is tragic, but it is wholly the drivers’ fault.
Using AutoPilot for about 5 minutes will disabuse you of the notion that you don’t have to pay attention. Anyone who has used it will testify that there is no question the driver needs to monitor it. The name of the feature, or Elon’s fantastical claims of future capabilities, is basically only perturbing to those who haven’t actually used the feature.
However, I think it is reasonable to question whether Tesla AutoPilot presents simply too great a temptation to willfully abuse the system. That is, to check your cellphone or watch a movie or otherwise take your eyes off the road. Not because it is hard or too difficult to remain focused, not because the driver believes they don’t need to be looking out the window, but because while the driver knows they should watch the road, they decide to cheat anyway. Unfortunately the same thing happens in Level 0 vehicles, with tragic results, all the time.
It’s reasonable to question how much cars should be monitoring the attention/gaze of the driver and alerting, chastising, or otherwise forcing the driver to re-engage. But any such discussion would be superficially anti-Tesla if it were to disregard the universal nature of the problem of distracted driving.
Mandatory driver attention monitoring systems, in all cars from Level 0 to Level 4 autonomy, would likely save over a thousand lives a year in the US alone. It might even save 1 life a year in a Tesla.
Your false equivalence with Boeing is egregious. Pilots struggling to maintain control over a fatally flawed plane is not even in the same league as a distracted driver watching a movie while their car hurtles down the highway into the side of a big rig. The pilots of the 737 were in no way negligent or distracted whatsoever. They were actively subverted by a malfunctioning airframe intent on flying them into the ground, god rest their souls.
The data collected by phones are used to train systems like web/voice search, voice translation, and routing algorithms, all which ostensibly (or, at least, purportedly) benefit billions of end users on a daily basis. I don’t see how you can say Tesla’s case is so obviously a more justified example. In any case, this article is about all cars — Tesla vehicles are still a sliver of the user base.
Maybe (some of) the information collected by the OS vendor is used for these purposes. The majority of it, the stuff sent by third-party SDKs back to that third party, is just to enable customer profiling or "analytics".
Sorry, what’s this straw man argument that you’ve attributed to me? That I’ve asserted every piece of data collected by Android goes toward a public good?
I think it's more valuable for two reasons. One, the end result is more valuable; I'd trade all of those services for self-driving cars. And second, I think other types of data are easier to get than driving data.
We are not given any evidence or elaboration on how Tesla (or any other company) is using that data toward self-driving, never mind that the data will be exclusively used for just that and not a myriad of other self-serving purposes.
> At least Tesla has demonstrated that their data collection is for training their full self-driving capability
No, it's also so it can defend itself with the line that "hands weren't on the wheel" whenever an Autopilot-enabled car crashes again.
Forget the fact that a malicious actor could probably make it look like that anyway, or even the fact that Tesla's own "hands on wheel" sensor isn't very accurate at all.
> At least Tesla has demonstrated that their data collection is for training their full self-driving capability. That represents tremendous end-user value, in my opinion.
Not to me. That data collection is the #1 reason why I would never consider buying a Tesla (and, increasingly, other new cars as well.)
There’s a button in the UI to switch off AutoPilot data collection with no loss of functionality. When you first get the car and enroll I believe they prompt you then as well. (Opt-in!) [1]
You can also email Tesla and tell them you want to go dark, in which case they shut down the LTE connection entirely. Then you have to go get firmware updates at the dealer, and of course online traffic-aware maps and streaming radio won’t work.
If you don’t believe them when they tell you it’s shut off, and you don’t believe the UI when it tells you it’s disconnected, then I suppose you can just unplug the antenna?
If, for some reason, I have to own a car that is capable of sending data wirelessly, this is exactly what I would do.
I don't see that needing to happen, though. I'm old enough that I can reasonably expect that older used cars will be available to me for the rest of my life. I don't see myself buying a new car at any point, due to these issues.
I don’t know how old you are, but I suspect ICE vehicles will be banned or heavily taxed/tolled in an increasing number of locations over the next 20 years.
I’d think disabling the wireless is a minor inconvenience to experience the joy of an EV.
I have no special desire for an EV specifically (and yes, I have used them!) I don't have any problems with them, they're just no more or less attractive to me for being electric. I very much prefer not to own a car at all when I'm in a position where I can get away without one.
But as I said, if I had to own a modern car, I'd disable the antenna. But it's a whole lot easier to just buy a car that doesn't have that nonsense in the first place if that's possible.
I agree with you but I fear we are in the minority, because Average Joe wants fast with shiny wheels, and is completely ignorant or complacent about some esoteric idea of a right to privacy.
The OBD is the computer in your car for sensors but has turned into a massive repository for anything CAN (car network) related. Some newer cars store radio station presets, seat positions, and even dimmer settings in the OBD alongside their battery-backed RAM. Some models of BMW even store the unlock codes for their pricy radios in the OBD tables.
Hardware like OnStar is stored in a dedicated metal box usually under the glove compartment in most cars. It includes a harness for the OBD data, and a small modem usually mated with a riser. That modem also controls any wireless features and of course cellular transmissions. If you don't like your car phoning home, you can pull the riser or clip the antenna leads, but this will likely also affect WiFi. Bluetooth pairing is generally part of the head unit in older cars, but if you have OnStar this is commonly being added to the daughterboard for WiFi.
As for processing? Absolutely. Sensor samples are sometimes taken thousands of times per second for things like airbag state and seatbelt pretensioners. I guess if you counted up the bits and bytes over the CAM as your datapoint, then yeah it's 25GB of data... but it's not meaningful... unless you're in the process of a crash.
OnStar is always my biggest gripe. Anything that can remotely stop my car or unlock my doors makes me a little too paranoid, and I've never once pressed that stupid button expecting to speak to anyone who can help do anything meaningful.
But what about emergencies? OnStar uses data triggers from the OBD/CAM to sense airbags in the deploy state, and that apparently triggers an automatic dial out to OnStar whether you like it or not. If you're removing or replacing airbags, that means you have to disconnect OnStar first or you'll wind up with firetrucks and ambulances outside your garage. Speaking from experience.
Something that bothers me is why are companies so casual about attaching fragile networked software to long-lived durable goods like cars? The manufacturer has no economic or legal incentive to keep that patched over the life of the hardware.
This is the rotten shortsighted mindset of modern-day tech: all the benefit for the company, none of the responsibility.
> Something that bothers me is why are companies so casual about attaching fragile networked software to long-lived durable goods like cars? The manufacturer has no economic or legal incentive to keep that patched over the life of the hardware.
Indeed. See also: almost all new TVs are now "smart" TVs, almost all new phones are now "smart" phones, a high proportion of "smart home" and IoT devices simply stop working if some remote service is discontinued (or your Internet connection is slow or down), and so on.
Without reaching much further, mobile operating systems, Windows 10 and a significant amount of locally run desktop software are also practically built around phoning home and relying on remote services by design now, and doing some shady things around tying security or compatibility updates in with other changes you might not want or need.
I came around to the view some time ago that some sort of fairly draconian regulation is the only way to stop this. It simply shouldn't be a prerequisite for using normal, everyday devices that you have to give up your privacy, nor a prerequisite for continuing to use something with a software element the same way as when you bought it that you have to accept arbitrary changes in the software or legal terms later.
My own little soapbox is that if you buy a product, it should always be possible for the consumer to return it to exactly the state it was at the time of purchase.
So no forced or unrevokable updates that ruin (or even change) things.
I have a TV that has on multiple occasions broken things with firmware updates, and there is no known way to downgrade. I'd name and shame the company but I'm sure that almost every manufacturer gets away with the same bullshit. Same with cellphone manufacturers.
Why can't they just shut it all down when they're done patching? Send out your final patch disabling networked functionality completely.
Nothing in the car should be reliant upon such services, hacking the remaining systems after this is disabled would involve physical access to the car, considering you can just as easily unscrew the pedal or cut the brake lines or what-have-you, that's probably an acceptable tradeoff.
My car has Android Auto and I know eventually it's going to stop working with new phones and that sucks. On the other hand, having Waze or Google Maps and access to my podcast player and all the other neat things it can do is pretty compelling. My wife's car has a built-in GPS and maps function that is always out of date and we have to pay for updates.
You're very astute to realize that this will break eventually. Apple updated iOS a couple years back and broke the Bluetooth integration with my 2011 Subaru. Apple told me it was Subaru's fault, and to have them update my car's firmware. When I mentioned this to a service guy at the dealership, he just laughed.
I think the big thing is that people expect their phones to leak some data. It communicates by definition, and that is essential to its operation. The fact that your car leaks such a large volume of sensitive data is surprising, because it doesn't "need" to collect this data to perform its main function, which is converting dinosaurs into motion.
A car also holds a different place in the American consciousness, although that may be shifting. We see our car as an extension of self, while the phone is a connection to other people. We have greater expectations of control and privacy from the first than the second.
But to your point: I think the same statement should also be true of other data as well.
Let’s throw in our toasters, fridges and washing machines as well. Then some data scientist can correlate the best before dates of foods in my fridge by the number of panties in the washer in order to target me with ads for tummy meds.
I assume you don't use a smartphone, for the sake of consistency. It's really hard for me to draw a distinction between home voice assistants that you can activate via a voice command and smartphones that you can activate via a voice command.
For voice assistants to be misused only takes malicious intent or incompetence on the server end since they hear and transmit (Perhaps with activation phrase) by design.
For my smartphone to be similarly vulnerable I would need the server side plus malicious or incompetent intervention on the client end to enable voice activation (I have voice activation disabled).
Plus my smartphone hardware is not as capable of picking up voices around the house plus I am not actively positioning it in several rooms to do so.
You're still trusting Apple to actually turn them off. I have zero reason to doubt Apple on this. However, I also have zero reason to think Alexa is transmitting even if it hasn't been woken up with the wake word.
We can't know everything for sure in this world, it's true. However, Apple has taken a stance on privacy, Amazon hasn't, and has made a name for itself in how it treats folks and where it prioritizes profit.
Now, I don't think they have mics on all the time either, as it would be impractical. But rest assured they are vacuuming up every morsel of information they can for monetization reasons. And law enforcement has been banging on the door to get access. After the next tragedy they will get through.
> And law enforcement has been banging on the door to get access. After the next tragedy they will get through.
Law enforcement wants access to Alexa devices? I don't doubt they do, but can you cite examples of them trying? What kind of tragedy are you alluding to?
Same. Also Cortana or any other thing like it which is really sad seeing how useful they could be. To have to choose convenience or privacy sucks. I wish there was a middle ground. I would happily pay for a voice assistant that lives on my machine and respects my privacy.
Agreed, but to be honest I probably wouldn't use them even without the privacy implications. Would rather do a few taps than carefully craft a sentence that might not be understood.
Is there evidence that the big name home devices like Google Home and Amazon Echo actually collect your speech? I was under the impression it was just a small ARM board that uses recognition to execute commands. My mom has a Dot, but I am clueless.
Thanks, somehow never noticed this article. For the record, my parent comment isn't rhetorical or sarcastic, I've just entirely avoided the trend and am not the target market.
Interesting. I guess I was fooled then when I took a cursory look at the specs (months ago), and only really noticed the first part. Definitely won't be buying into the trend myself.
Yes - it's been very clearly communicated since the launch of the Echo in 2014 that the speech goes to the cloud after the wake word is detected (which happens on device).
I don't limit this to cars, personally. I think the principle applies across the board. That's why I go to great lengths to prevent all software from phoning home without my express permission.
I'm all for retaining ownership of your Spotify playlists, Bluetooth synced contact list and location data.
But given the number of vehicular deaths, I'm all for having authorities access blackbox-style data like pedal state, acceleration vectors etc. that some controllers already keep around. If you are operating a 100 kW machine in public, how you do it isn't a privacy concern.
On the contrary, the how you do it includes where and when you do it, which is a major privacy concern. Sure, a black box to get telemetry after the fact might make sense, with specificity and my explicit knowledge when access happens. I'd have a hard time turning that into free data for any particular company or government to have though, vehicular deaths aren't the only issue in our world.
Not really/depends. Florida has the Public Records Act (which is why we have "Florida man" and "Florida woman" headlines) so there the police's crash report is public, but if your car hits another car on a backroad in any other state, more often than not only the two drivers, their insurance, and the police know about the event.
The last accident I got in (a fender-bender) was about 10 years ago -- and only myself and the other driver knew about it. No insurance companies or police were ever told.
Generally, information recorded (or maintained by, and often if contracted through a third party) by a government agency is made public if that state's public records law does not consider it to be private. "Private" is usually defined on a state-by-state basis. Every state has a public records law.
Some states consider license plates to be private, while others don't. For example, Illinois considers license plates private only if it's associated with other personally associatable information.
Aggregate or redacted information on accidents might be accessible in the case of privacy exemptions. Unless it's all on paper, which dramatically complicates things because of the efforts required to review/redact where needed.
In other words - if an agency has access to records on traffic incidents, it's probably accessible.
Wouldn't think so, although I live in Germany so YMMV on that question.
Around here there would be a public record of an accident's location if it was big enough to bother waiting for the police, although the public portion of that would not be tied to my name or license plate. Announcements (by authorities) on larger accidents mostly contain maybe an age, gender, and generic vehicle information. Other than that only the two insurances involved would get more data.
The only thing I could think of that made more information public might be lawsuits that could occasionally result from an accident but I'm not sure on how public those currently are. Our news around here usually refrain from naming people in reporting anyway if it's not too relevant or it's a public person anyway.
If it's reported, it'll be a record somewhere, if only in your insurance company. They seem to get sold on a lot to third party claims companies.
If there's a police report, then of course it's a public record.
In the EU, the "e-Call" system is being rolled out which mandates that the car automatically phones home in the event of a crash: https://en.wikipedia.org/wiki/ECall
The location of the crash is public. Who was involved is not. AFAIK You can download the locations of fatality crashes here. ftp://ftp.nhtsa.dot.gov/fars/
>I'm all for retaining ownership of your Spotify playlists, Bluetooth synced contact list and location data.
>But given the number of vehicular deaths...
Ah the good ol' "my principles go out the window when $emotionally_loaded_topic is involved."
Nobody, not the insurance company, the DMV, nor the people debugging the software in prod deserves access to one's data without express and informed (i.e. not a million word EULA nobody reads) consent. It's no different than data generated by a cell phone or smart blender.
Anyone worried about safety can find an external way to monitor that.
Death is just an "emotionally loaded topic"? I think it's perfectly reasonable to have principles, but value those principles less than human life. In fact, I wish more people did that.
There are plenty of cases where we can and do make exceptions to personal privacy for public benefit, under certain guidelines. E.g. medical data is one of the few things that's actually private by law in the US, but we still find way to make aggregate data available for epidemiological studies. Location data is absolutely sensitive data, but there are valid reasons to make subsets of it available for the public benefit.
> If you are operating a 100 kW machine in public, how you do it isn't a privacy concern.
I'd be more likely to agree if traffic laws weren't already such an arbitrary garbage fire of selective enforcement.
Though assuming this data was not networked and belonged to the individual (can still be used as evidence in court), a black box is probably a good idea.
Or we could spend a small fraction of the war on drugs on more traffic cops and save many more lives than the war on drugs has. Driving is extremely dangerous, and there is a significant number of people out there making it even more so by tailgating, suicide lane switches, and excessive speeding for the road conditions.
Agree. Any activity that is so hostile to other people should be monitored aggressively, and privileges revoked for the slightest reason. By the same token, you should need to file an individual route permit anytime you want to exceed 20 mph in a multi-ton vehicle. The externalized social costs of designating ~25% of our cities' surface area to violent human exclusion zones is hard to overstate. For one example, it's become rare for children to walk (to school or anywhere.) How much is that worth?
My children walk all the time, including to/from school every day. And there are plenty of their friends on the sidewalk with them.
It's also difficult to overstate how much value universal transportation has brought to the human race. Maybe more than enough to justify the surface area dedicated to it.
I think that the ideas of Personally identifying information and Personally generated information need to be clearer. Information that exists because I pass through the digital world is still about me.
Then we can envisage some changes in the law - the presumption in law should be that data about or generated by me should be owned by me - in the same way copyright is presumed to belong to me.
If we then add in a public commons right to access such data royalty free (ie health researchers get a free pass at my data presuming they follow normal protocols) and chuck in any commercial or other licence I might grant is time limited and automatically runs out after a year and needs to be renewed with my consent, and I think we can sort this data privacy problem out.
> Personally identifying information and Personally generated information need to be clearer
The problem is that with Big Data, there isn't much difference between those two things. Almost all unique data can be combined with other data points to become personally identifying.
One thing I'm confused on from this article is which car brands might be more or less egregious in this dimension. For example, I drive a VW, and my car is Car-Net capable, though I have not enabled the service. Is Car-Net (or some similar service) collecting data despite my not having enabled it? Clearly the car has the ability to transmit data since Car-Net is an option.
One of the reasons I didn't buy a Tesla was because I didn't want Elon tweeting about my actions if something happened and I died on the road. The salesman laughed at me when I said this.
While I acknowledge this is extremely unlikely, I'm still not interested. I want to be in control of all my data, all the time, in all situations. I don't want any third party to benefit from studying my behavior, ever. If you try to build a business model around mining people they are going to start fighting back sooner or later.
I agree with you - their public disclosure of details of incidents over the years lacked... class.
Also, you can opt out of all Tesla data collection.
There are a few levels of this. One is in the car's UI, LITERALLY hidden at the bottom of "safety and security" there is a [Data Sharing] screen that you have to scroll to see. It supposedly prevents video clips from being uploaded to Tesla. Other parts of the UI ask for permission, such as traffic-aware routing. I don't know about the new Chrome-based browser - we know Google has tracking baked into Chrome.
Level two is basically "disable the SIM": no online access. Stuff doesn't work, like the map tiles won't load from Google and loads of other data can't be transferred to Tesla.
It's still not clear what happens with level two when you enter a service center, because onboard wifi will auto-connect to Tesla APs.
I'd add:
at least possess this data, maybe also control (but not necessarily 100% e.g. I would want to be able to say, as the nation-state, that some data must be made available to others, e.g. safety related, accident related, energy efficiency related)
Sounds like a fairly obvious rule. Doesn't make it easy for the business to sell the value added services things or to make moat vs competition...
This. Also - I have doubts about how much data is collected, and by whom - who is paying for the bandwidth on a cellular network to send this data...somewhere?
While working in technology design & specs at Toyota HQ, I was told that one day, it might, in theory, be able to make cars free just funded by all the data it generates from you. Whether that will ever pan out is speculative but that’s a startling concept nevertheless.
Car makers will get data they can use to simulate and test their self-driving cars.
But car makers will also get full GPS traces - showing where you live, where you work, where you shop and every time you speed. And they'll probably get what phone was seen on bluetooth, how many seats were occupied, and what radio station was listened to. All identifiable by vehicle, and very close to identifiable by driver.
Will they manage to make good use of the former, while avoiding the temptation to monetise the latter?
Of course, Google gets a bunch of data from Android users already, so one might very well argue most users aren't concerned about such things.
I saw an article here ages ago that stated researchers only needed very little driving data and they could identify the driver. So many hidden patterns in the way we brake or accelerate they were able to with a high accuracy identify the drivers. I have no doubt cars can and do identify drivers.
Sometimes I've wondered if that data is also predictive of how you'll react in different situations or perhaps in a game like poker or stock trading. Maybe an AI can use it to tailor a pricing strategy just for you in the not too distant future. That's near Black Mirror territory.
With occupant weight sensors in the seats, I bet they could pretty accurately identify the driver and passengers. Maybe our car will start sending us notes when we gain weight, reminding us that we haven't been seen at the gym location lately.
Crash data recorders typically store ~5 seconds of control inputs and are designed to survive a crash. This evidence can either hurt or help you. What should be done here?
How does it come as a surprise when things that were only recognized as having gone on underneath layer after layer of technical jargon are finally brought to general public awareness?
You don't get in trouble for doing things, you get in trouble for getting caught doing them. It's been a long time in coming, but awareness is finally starting to hit tipping points in meaningful ways.
No, literally by the radar... I'm confused what you mean. Surely it's not news to a pilot that ATC facilities save radar data. For how long is a different question.
Sorry. My apologies. I think I see the misunderstanding.
Under the radar is an idiom. It is used to describe things that occur in areas not typically subject to observation, or widespread acknowledgement/general awareness. In this case by regulators, or the public in general.
I think you might have misunderstood the poster above you when they suggested trying to fully automate airplanes; maintaining the analog of every sensor required to fully enable totally automated operation would require the installation of full suites of broadband sensors on the plane, allowing it to collect all information with regards to the environment it is working in, and sending it "back home". Admittedly, this is less problematic, because planes don't operate within the confines of everyday life, and thus are not omnipresent, capable of acting as a ubiquitous surveillance platform.
When I say this has been going on "Under the radar", I'm referring to the slow adoption of increasingly more varied and densely packed sensor packages in vehicles offered to provide some token discount, but with very little oversight into what type of data is generated, communicated, stored, or otherwise.
Planes being tracked by radar is fine. That comes with the mode of transport. It's an air transport's version of a Stop light or signage.
Long term persisted data collected by cars, however, is not, and should not be.
I don't know of any one-stop shop for such instructions (they vary according to the make and model of the car). The last time I needed to learn this was a number of years ago, and I just searched the web for "<car make and model> disable antenna" or "disable telemetry cell".
Unrelated to this particular article, but it seems NYTimes coverage is tending more and more towards the tech Luddite category these days. It is one thing to inform the readers but they seem to be bent on spreading fear about all things tech.
This is exactly what you should expect when tech companies get to run roughshod over any regulations or consumer protections.
This isn't fear mongering against technology. This is bringing up absolute points about corporations completely out of control. I mean, for all that is good, the phone companies are still fighting the government on why it is good they can sell our cellphone/location data to whoever they want.
From drones to cellphones to Smart TVs to cars, it's all big brother now.
Orwell could only dream about the things that are possible, and our governments certainly don't seem to be fighting for the little guy who wants to live a private life.
Collecting my car data is a sanitized way of saying a creepy auto manufacturer is constantly spying on us. In what scenario did it suddenly become okay for corporate America to spy on us constantly?
In Europe, the GDPR should protect against this. Is that actually the case, and is an opt-out possible for all EU car owners? And would, e.g., a Tesla whose owner has opted out still get software updates?
Why not have that data go someplace it could do real good in informing better safety systems, better traffic management and so on.
Privacy is a spectrum, I am getting kinda tired how people think data about them is "theirs". In some cases maybe it should be, in other cases, it should not be. Now maybe you should have a right to see it, download it, and remove identifying markers but I am so tired of this extreme privacy movement.
> Why not have that data go someplace it could do real good in informing better safety systems, better traffic management and so on.
Sure, why not? The issue isn't about the data going there (it's not going there anyway), it's about who can tell where the data can go. That's the definition of ownership. Data generated by my car should be owned by me, I should be able to give them to the public if I so choose. But more importantly, I want to be able to easily access this data.
As others say, this is not extreme, it's common sense.
Tangential: what irks me about data ownership discussions is that they tend to divide people into three classes: the government, the business, and the unwashed masses, i.e. consumers. I'm a member of the fourth group - technically sophisticated enough to do a better job with the data than your average businesses, but not interested in building products - just DIY one-off solutions for myself. There's plenty of people in this class, but it's always pushed aside as a "small minority".
Semantics :), the device created the data, they played a role but I don't see why that means they control it. If the data plays a role in improving services or life for everyone let the data serve its role.
We still need strong regulations and gov agencies to enforce/protect, but I just don't see the point of claiming everything is your data blah blah.
If the shutter fails to open to spec, would you want them to know about it and have data to improve it via a firmware update or next version of the product?
Please read my post, and really read it :). I am not saying all data is theirs, I am saying it depends on the type of data and I don't want to see no data being shared.
When an application, say a browser, crashes on my computer it asks whether I want to submit the crash log, and I decide whether or not I want to.
I don't want the applications to continually send the data to the vendor.
In your case, Canon will ask to look at your camera or ask for some log, you will give it to them by choice, they will look at it and find/fix the problem. There is no automatic implied approval just because I bought something from someone.
Yep I understand your POV, I don't always agree depending on the data being provided. I think in some cases a good case can be made you don't get that decision if it helps improve health outcomes or improves driving safety or so on.
It is a hard line to draw, but I believe we can do it over the next 50 years as long as we don't draw a hard line that all data is mine.
> If the shutter fails to open to spec, would you want them to know about it and have data to improve it via a firmware update or next version of the product?
You are not being forced to reveal anything :). That is coming from your standing POV that this data is yours.
Look at it from the perspective the data is not anyone's to start. The data is something you played a role in creating but you do not own. Next, how do you decide who controls and gets access to which parts of the data and what are the reasons behind that?
Data that identifies you might own and keep private.
Data that can help the manufacturer improve the product/services they might get.
You are arguing that I should be, though. Whether or not I "own" the data is irrelevant to this point. If I don't have a choice about it being revealed, then I am being forced to reveal it.
> Data that identifies you might own and keep private.
Given that very powerful databases and data mining technologies are commonly employed, I think that this category covers the vast majority of all data that is created as a result of my actions or the actions of machines that I own.
If the device is the primary contributor in terms of “creating the data”, then why are users needed?
The users and their personal behavior and usage metrics are obviously the valuable part of the data — not the device that logs and measures the data. Also, (though I’m sure there’s “semantic” nuance in this too), the users are the ones who pay to possess and maintain the data-creating device.
I do not think just because you are involved in creating data that means it is yours. When you give data to the census that isn't your data... when you click an ad and buy something that data isn't your data... I just don't get this notion that data is yours because you are involved in its creation. There is data about you that might be private or personal and should have protections, but the notion that data you have a role in creating is yours seems extreme.
So the Census is enshrined in the Constitution, ostensibly because it would be impossible (pragmatically speaking) to facilitate a representative democracy without an accurate population count. I don’t think it’s productive to go off on a tangent about the legitimacy of the U.S. Constitution, unless you actually believe that corporations should be afforded the same role and mandate as the federal govt (in which case, hoo boy, I have no interest in following the rabbit hole of your thinking).
“It’s a symbiotic relationship”
Sorry, you’ll have to do a bit better than that. Many of us are old enough to have owned and driven vehicles quite well with no automated telemetry. The same can’t be said for account-based online social networks, which have always required user data to fundamentally function.
Like I said, you are not being forced, it isn't your data to start with is a different POV to approach this from. You are stuck in the mindset that because you are somehow related to the data you get ownership.
How about the POV that if I buy the device, I decide what the device does? This is a fundamental property right. You may argue that the data created isn't "mine", but I would argue that it is absolutely my data if it is created by a device I own. The fact that someone else manufactured the device doesn't give them some sort of retained ownership once they sell it to me.
> This is a new situation that is going to get bigger with iot.
This issue is precisely why I won't be buying any IoT device that requires the use of a third-party server, which currently means any commercial IoT devices.
I just don't get why you think that data is yours.
I don't see that data as anyway owned by you, you might have rights to aspects of it, but in no way can you demand ownership over something you don't own.
> I just don't get why you think that data is yours.
Because it is data about me that I'm generating personally, on my own personal equipment. That data is literally nobody else's business unless I choose to share it.
The choice is "you can choose not to form that relationship [with that vehicle]" (choose not to drive, or purchase a "dumb" car that still has a backup camera and blind spot monitor)
Neither of us is wrong :), but neither of us is probably right. Your full stop refusal to see the other side is worrisome to me. There are other viewpoints out there, I'd appreciate if you try to understand them. I understand yours but if you react with stubborn hostility, I will mirror it :)
I can see how you might think I'm not seeing other viewpoints. Instead, perhaps you should see that I am rejecting other viewpoints. And I can see how it would worry you: your comments worry me too.
So let me re-frame our conversation. Let me re-root it to something that I will not budge on:
If I buy a device then I own the data on it. If I own a device then I own the data collected by it. If I own data, then I have every right to refuse to allow that data to be accessed by anyone other than myself.
If you want access to the data to be a precondition of my use of the device, then do not pretend you sold the device to me. At best you are providing a lease.
Yep, I understand what you are saying, what I am saying is that I do not agree with you :). I do not think buying a device means that the data it produces is solely yours to control/own.
So would you please post the data on your devices here on HN, since you think we are all collectively owners of it? How about we start with your location and search history.
If data is generated by something I own then it is my data and I don't care if it affects someone's business model or whatever perceived future benefit they are promising.
And trying to maintain status quo is not extreme privacy movement, it's common sense.
There is a section for "From or about your Tesla vehicle"
It's a bit weird to agree to this when buying your vehicle and complain about it later.
It's not like they are doing it behind your back like FB, they are telling you upfront what they are collecting. How can you possibly have a problem with that?
1) Huh, what makes you believe I own a Tesla - maybe that is not what you're implying but kinda confused by your wording.
2) Still, thanks for pointing that out. Now, I'm even less inclined to buy a Tesla.
3) Wonder what happens in private sale of used Tesla, since the second owner never agreed to such terms, or did they? (Depends on when these terms are presented to them). Could lead to a class action, just saying...
4) Are we now at a place that in addition to the vague financial terms people will have to also comb through T&Cs before buying a car? If so, that is not a good healthy trend.
> 3) Wonder what happens in private sale of used Tesla, since the second owner never agreed to such terms, or did they? (Depends on when these terms are presented to them). Could lead to a class action, just saying...
This is my thought exactly, and not just for Tesla.
The original purchaser agreed to the privacy policy, but if the original purchaser goes on to sell that vehicle in a private transaction, then the second purchaser did not agree to said privacy policy.
Also, since private sales are just that - private - how does the manufacturer know who the data is now about?
I read the privacy policy behind your link expecting to be outraged, but they do seem to offer opt-outs, which is barely acceptable. They claim if you do not consent to their data collection, to “contact them” which is encouraging. I’d love to read about the experience of an actual Tesla owner who actually went through the process of denying consent to Tesla and see if it actually worked.
If this is such a net good then why does the entire system have to be concealed from users via layers of legal obfuscation?
If it's all in the service of public good, then sure I'm in. But if it is, why is it carefully designed such that at any moment the collectors can productize it? And if I'm a contributor to the data why don't _I_ get any rights to the output?
It's one thing to say, "I observed your public outputs and drew a conclusion and you have no business about that conclusion." I can get behind that, to some extent. But it's another entirely to weave the fabric of your data collection into every device I interact with and use it to monetize my life. It's an insult on top of injury to suggest that I'm not allowed to know about the collection you're using objects I own to execute upon.
Because I own the car and it is, in reality, extremely sensitive data that can reveal everything from your political beliefs to your sexual orientation.
Why is that sensitive data? I am going to be a tad provocative here and hope people can dig deep and think about this :)
Facebook already has this, and most people are sharing this in the public sphere. I understand the worry and damage that can be done, but I feel like we are moving from a 1950s model of hide it all and pretend you are perfect, to more of a this is who I am and let me live my life as long as it doesn't hurt others or society.
I’m sorry, I usually expect these threads to turn into “but Orwell!” vs “but what do you have to hide?”, but this is the first time I can remember (at least on HN) in which a thread so quickly jumped to “but why should your sexual orientation not be for the public to know?”
It’s great that you are in a situation where you believe you are able to publicize your sexual identity without detrimental consequences. But it is the height of arrogance to presume that everyone else must have the same life situation that you do.
Sigh, I don't assume that and I know it is not from many experiences. My point is a lot of these seems to be a fear-based response driving extreme privacy reactions. I want a measured response that recognizes that data is hugely powerful in improving society, and we need strong regulations to protect both sides.
This extreme privacy movement annoys the hell out of me. And, it is really strong on HN.
> I feel like that is just a fear-based response to the world, maybe we all need to be more open about who we are both for ourselves and for other people in the world.
This is a textbook presumption — you insinuate that someone’s desire to not publicly transmit their sexual/politics must be irrational, and/or everyone (or even most people) is actually in a situation where they don’t have to fear that.
What is this “extreme privacy movement” that you speak of? Data-collecting tech companies are global titans, and the public’s status quo acceptance/complacency of this is a major reason for these companies’ success. And this is even the case in America, in which the 4th Amendment is a significant bar for government to clear for any kind of search and seizure, even though citizen compliance with authority is another type of “symbiotic” relationship.
It's not extreme, it's what most people have had for millennia.
New technology is deanonymizing public space, invasions of privacy previously required great effort and expense, now they can be done trivially by accessing data on your phone, or now your car.
The ramifications of this haven't become clear to you because no-one important's decided to fuck your life over yet or you live as a conformist, but for many of the rest of us the potential downsides are glaringly obvious.
People are getting screwed by this right now in China and N.Korea. It is a real and present danger that may have ramifications for you or people you love in the future, and may even get them killed. McCarthyism was only 50 years ago, the Stasi 30, the Nazis 70. The Dutch inadvertently caused the deaths of thousands, maybe tens of thousands, of Jews by having a religious question on their census before the Nazis took over.
It happened before, it will happen again, and just because you don't know high school history, or simply didn't learn the lesson of it, doesn't make us extreme.
I think I am done :), you don't need to degrade the other person's intelligence to have a discussion. Or insult them. It is rude and unbecoming a member of this community.
When you continue to question whether people who are fearful are being rational, as if being fearful necessarily precludes that they have attempted rational assessment, you are the one being rude and dismissive of people’s intelligence.
I won’t even go into your absurd whining of the “extreme privacy movement” in the HN community, as if a huge part of HN’s audience aren’t daily optimists about the positive role and accomplishment of tech and data companies.
> My point is a lot of these seems to be a fear-based response driving extreme privacy reactions.
What world do you live in where fear is unreasonable? The world is not the happy place that you very clearly think it is.
I have personal friends and family who have very legitimate reasons to demand enforced privacy. People who've been abused by others; who've been abused by people who have made serious threats against livelihoods.
People whose opinions are different from those around them would be at significant risk to life, limb, and sanity if those opinions were to become known by others.
> I want a measured response that recognizes that data is hugely powerful in improving society
> This extreme privacy movement annoys the hell out of me. And, it is really strong on HN.
You need to recognize that data is also hugely powerful in destroying it too. I think many on HN are able to and have recognized this.
> and we need strong regulations to protect both sides.
I agree; but I think the regulations and enforcement should absolutely err on the side of the user if there is ever a disagreement between the two.
I agree with most of that. I think we are closer than you think on this. I do recognize the power of data, but I am tired of this community's inability to conceive that this data is and can be used for good.
> I am tired of this community's inability to conceive that this data is and can be used for good.
I don't see any inability to recognize that. What I see is a recognition that "data can be a powerful force for good" is not a valid argument for why people should be forced to reveal that data.
I think the crux of this issue is what is or is not "my" data.
I think that any data that is generated as a result of my actions, or by machines that I own, is my data for all intents and purposes.
I understand that you disagree with that. That's entirely fair, and I'm not trying to change your thinking on this. What I'm trying to understand is on what basis you are deciding what is or is not my data.
Sure, I'll take a stab at that. Data is data, it doesn't belong to someone just because they played a role in creating it.
You don't care about the water company tracking your water usage or knowing how often you flush your toilet is my guess. Yet that is data you are creating. If you found out the water company was checking your droppings for drug usage and selling that to the government you might care. Or if they were selling it to employment screeners who didn't want to hire people with Crohn's disease that might be another.
I would argue the intent of data is what matters and this discussion is really about. I want to see data used for improving society and discussing how we draw those lines and who gets access.
> You don't care about the water company tracking your water usage or knowing how often you flush your toilet is my guess.
I do care, actually. I consent to the water company tracking how much water I use over the billing period, because they need to do that to bill me. I do not consent to any data collection or use beyond that.
> I would argue the intent of data is what matters and this discussion is really about.
I haven't even gotten to the point where intent matters, personally. I'm still stuck on consent. This is the hard line for me. Tell me what you want to do with my data, and if I agree with that use (and trust that you aren't lying and won't change your mind in the future) then I'll give consent.
> I want to see data used for improving society
We agree on this, but I'm not willing to be "thrown to the wolves" to accomplish it.
> You don't care about the water company tracking your water usage or knowing how often you flush your toilet is my guess.
You would guess wrong.
Water utilization metrics are a good proxy for determining the number of residents at the billing address which I consider should be private information -- even to the apartment lessor. It can also be a good proxy for determining health habits: use of laundry or dishwashing machines consumes a very consistent and predictable amount and flow rate of water. Even taking a bath would be fairly consistent, and a shower only somewhat less so. Not only would the amount be consistent, but the flow rate can be a proxy too. Are you going to tell me that it would be better for society to see what I do with water in my own home? Are you going to tell me that that information is the water company's data because they're providing the water that I bought?
Think I'm crazy? Check this out. There are many states where marijuana is legal. Despite that, the government seeks electric company's utilization information to determine whether or not someone's "likely" growing illicit substances. [1] Think what you want; I think this is government overreach. Which is exactly your situation with the water company, except with electricity instead.
And, as it is, I get a bill at the end of every month which details exactly how much water I've been billed for. Water is water and the bill doesn't care what I used it for, or for how many different people, or even what I did with it (...except wastewater which also gets billed).
Data, on the other hand: I have no bill whatsoever to tell me what data was taken, nor at what time. As things are today: I don't have an opportunity to limit the amount or scope of data taken other than to prevent it from being collected in the first place. Simply having a phone connected to the internet means data is being taken.
At least with water I can turn off the faucet! At least with water if there's a leak I can complain to the water provider and get repairs done! At least with water if the leak causes damage elsewhere I can get an exact estimate of damage done and hire someone to repair it if it were my fault: or demand the water company to repair damages if it's their fault.
On the other hand: once data's leaked there's absolutely nothing you can do to prevent it from continually causing damage. Was your social security number leaked? FACT: it was, thanks to credit reporting agencies' complete disregard for security. Do you think sufficient steps have been taken to rectify that and prevent it from happening again in the future?
In the future when your water company is able to determine that you have three people living in your home instead of two (because your mother in law decided to visit for a week) and then you get advertisements for new babies (your spouse just had a scarring miscarriage through no fault of her own -- which prompted your MIL to visit), or for roommates (surely if you had a roommate for a short time then you're open to having a roommate for a longer time?), or they let the leasing office know that someone is living there without paying rent (oh wow, you are allowed to have guests over, right?), or contact the police because you live near the border and they suspect you're harboring an illegal immigrant (hope your mother in law brought her identification papers with her...): I think when that moment comes maybe then you might wish you had some privacy.
Well, I think we will simply have to say we don't agree on this :)
The next 50 years is going to be interesting as this debate evolves and we figure this out. I do not think it is going to end with this data is "mine" and only mine. I think it is going to end with here is this data, and here is how we divide it up to make the most use of it while providing x level of privacy. I could very well be wrong but that seems to be the bent of history when similar things emerge. First the fear, the hard reaction, then slow acceptance, and then an explosion of innovation.
> It seems like that is just a response to society needing to be more accepting, aka us to be more accepting of who people really are.
Well yes, but until that time, and even during that time, I don't want that revealed. I have a friend who's working somewhere that would probably be entirely welcoming of his orientation, but he keeps it secret because it's his choice and he still has fears about what would happen if it's revealed.
You should check out what happened less than a century ago. Among other things, it started this whole digital conundrum.
It's naive to think that concentrating so much power over so many people in the hands of so few people can go any sort of well. What happens when the regulators, or the ones charged with overseeing them, want in on the fun? What if they're coerced, which suddenly is trivial to do?
Progress comes from individuals; as such, individuals should be empowered by great tools to make the most of their data. Wanting corporations to solve all the problems is another case of pushing off personal responsibility.
We haven't actually achieved that state of grace yet, so in the meantime, in some times and places people actually can be in danger because of who they are. Perhaps you have seen the names Muhlaysia Booker or Jamal Khashoggi in the news recently.
That's a very naïve and privileged position. It boils down to "I don't have a problem, so no one else does." You'll probably learn one day you are more vulnerable than you realize.
It is and I am an old history major so yes I am aware :).
I am not advocating for a total loss of privacy, merely that it is a spectrum, and technology seems to be driving an acceleration of what is socially acceptable. And, that might be a good thing long term.
How do you change people's acceptance of things they are afraid of? You show them they don't need to be. You don't do that by hiding and pretending you are something else. You show them that you are x and y and still a good normal person. It can get you killed, it can lose your jobs, it can lose you friends, it can lose you your family. It is an incredible sacrifice that millions of people in the USA make every year. They do it for themselves, but also for all the other people that are x or y and who they want to see raised without all that bullshit.
Feel free to run to the front of the battle and take the arrows for the rest of us. Chiding others for not sacrificing themselves to boost corporate profits is a shitty thing to do.
I also don't believe you've thought through all the failure modes and misaligned incentives that happen over time.
Not wanting to live in a "1984" dystopia is not extreme by any means.
I am not chiding in any way, I apologize as my point must have not been well written if that is how it landed. Sorry :(
We are not in 1984, and that is fiction. I fully acknowledge I have not fully thought through every branch of the problem, but what I don't want to see is this idea that all data is at the hands of the person who played a role in creating it. Some data needs to go back to the company and society if it serves a solid purpose in helping improve either.
Ok, but it's not your place to decide the rights of others nor their responsibility to make your car safer paid for with their privacy. If you want to be safer put on a seatbelt and helmet and drive more slowly, rather than expressing entitlement to others' whereabouts, choices, and associations.
History is largely a story of those without power breaking free from those who do and take advantage. Also, an inability to learn from fiction is a disadvantage.
Sure it is my place, I am a member of this society and we live in a Democracy. I get my views, you get yours, let's talk about it and think about it and slowly over 50 years some stuff will get hammered out :)
And, as I said, I am not convinced that all data you interact with is yours. I think data is data and it has attributes that should go other places whether you want it to or not.
History and fiction are great tools to explore ideas. So maybe just try exploring the idea that knowledge and advancement of society depends on a certain amount of data to float free. If we clamp down too hard it might paralyze advancement.
It's your opinion, not place I'd say. Minority rights cannot be ethically eliminated by a majority vote.
To be honest, while I care about privacy in general, am not concerned about every little datum myself. In a healthy reality companies and governments would give us lots of options and control, let us opt-in. But that never happens does it? They'd prefer you'd not even be aware it's happening. Only when shamed in the media does a company even attempt to provide the appearance of options.
Why do you think that is? Because they sell your information, that's why.
If it weren't for that fact I wouldn't be so hardline on the subject. But, it's the reality we live in.
Not sure I follow, as I do have a say in this as do you and every other person in this country :). To argue someone doesn't have a say is a tad weird.
It sounds like you would be ok with your car collecting data about you and sending it to the car company. That’s totally fine. I would not be ok with this, and that should be totally fine too! It is a personal preference. Why is it such a big deal to simply ask for consent from the user? Real consent— not the “by using this product you agree” joke we usually get.
Software asks the user all sorts of things when they onboard them. Why is asking for consent to collect data such a pain point for companies?
What if the data revealed your predilection for visiting strip clubs? Would you want to have control over that information? At least with Google maps you control when it is on - and there is a privacy policy of some sort.
#1 - On your specific example... what is wrong with visiting strip clubs? Is that not someone's prerogative and legally allowed by society? Why should we be ashamed of that?
#2 - I am not saying "no privacy", I want smart privacy :). It is a spectrum, not a binary choice.
If that data is combined together so that the city knows traffic on road 1 is high and they need to invest in infrastructure there that is great. Or if the data from that trip is used to improve car safety or automated driving systems on that road, great!
Should that data be able to be pulled to let the place you work check the morality clause in your contract? Hell no.
Attending AA meetings, being treated for an STD or at a cancer center, and consistently leaving a bar at closing time are all perfectly legal, yet something people may wish to be able to exercise significant privacy over.
Agreed, but that also doesn't mean the data can't be used when stripped of identifiers to improve the product and society.
I don't want cell phone companies selling my specific location, but I also don't want them to not get data from my phone to improve their services where there are drop outs or other issues.
Our history of completely anonymizing data is not good. "We have no idea which anonymous car it is that consistently drives between bwb's house, bwb's work, unsavory place X, unsavory place Y, and back to bwb's house everyday".
Agreed, like I said we need strong regulation and enforcement, but that doesn't mean we throw everything out because it is hard to do. It means we need to have the conversation about it and try to craft regulation/enforcement that supports society and doesn't take advantage of it.
We have seen repeatedly that anonymizing data effectively is actually quite a lot more difficult than it seems.
I'd much rather that we whitelist the data we think is worth collecting and analyzing for product improvement, instead of trying to blacklist the things we prefer are kept private.
Agreed, I am not saying I have the answer, but what I don't want is this movement happening in Europe and budding here that all data is MINE, and can't serve society/product improvements.
You started this thread from the position that the data-logging device (and its manufacturer) is ultimately the data’s owner. So please justify to the folks in the “extreme privacy movement” why you think the data-owning companies should have any obligation to follow your various preferences for how your data cannot be used.
No, I started this thread by saying that data is not always owned purely by the person playing a role in its creation.
I am tired of the extreme movement that all data I have a role in creating is mine, and I should have full control of it. I am worried about the ramifications on society and our ability to improve products and the way society/civilization works. I think Europe has taken some good steps toward that goal, but like any first try, it also has some stupid parts. Time and debate will improve it.
I'd like to see us start crafting legislation that tries to find that middle ground between the data that should be private and the data that can be used to improve the product and society and thus make sure it is available.
On the one hand I agree about extreme privacy movement and I can see how travel in the public roads provides some reason to provide driving data to the public... or even the builder.
On the other hand, if it's your car why don't you control it and the data it collects? Maybe if it was loaned, leased, or licensed I could see the seller retaining a right to data, but ownership has its privileges.
In the extreme case, let's say your local used car dealer surveils his sales after the fact and at some point offers not to publish details for a monthly fee?
Also, it is difficult to imagine what data would be useful to the public that isn't already collected in public. I don't have to access the data in your car to see if you are driving erratically, speeding, etc, this can all be observed easily enough from outside.
Because car manufacturers tried to sell the data to advertisers, until they backed down because of the PR shitstorm (the article doesn't go into sufficient detail about this). If people are over-reacting towards privacy, that's understandable and well-deserved considering the over-reaches of data owners.
I think we need better privacy regulation. And "better" doesn't necessarily mean more restrictive, although quite a few players will feel restricted. It makes sense to separate data for safety from data for advertising (e.g. GDPR provides a framework for this). "Public benefit" can be a nebulous grey area.
Well said, we need a strong government entity to actually police data and how it is used. And, like you said better privacy regulation to mark the difference.
Why should my data go someplace else so others can use it as the basis to build a case for further erosion of rights and perpetuation of economic business models biased in favor of centralization of control and decision making capability?
You:
> Privacy is a spectrum. I am getting kinda tired how people think data some widget I made exfiltrates about other people is "theirs".
Us:
You wouldn't even be able to gather anything without me, and frankly, it's none of your damned business what I do. You want data collected? Go hire somebody to generate it for you.
Expected epiphany: Now maybe I should have to design telemetry collecting/sending devices to require an explicit, physical opt-in, by shipping the devices with the telemetry data collection physically turned off, and a statement about your data gathering program, tangible immediate benefits to the customer for opting in, legally binding language defining a strict procedure for my company to acquire informed consent when sharing said data with third parties, plus contingency plans detailing the destruction of, or end of life treatment of data in the event of merger, acquisition, bankruptcy or other major business event, with concessions exposing the company to sufficient punitive damages in case of breach of contract, and a manual containing a procedure for physically enabling the data collection.
Epiphany instead achieved: but I am so tired of this extreme privacy movement.
Works both ways chief.
Industrialists/wannabe industrialists just prefer it when the sheep don't ask inconvenient questions like "hold up, how do you determine what you're eating for dinner?" or "We seem to be giving up quite a bit in return for what amounts to (thing that solves an already sufficiently solved physical problem, but now with computers, to exponentially increase the potential for new revenue extraction schemes through software and data collection), what are you putting on the line, or doing to ensure my privacy and confidentiality as a customer?".
Stop not thinking about anything more than first order consequences, using dark design patterns to get what you want anyway because no one checks the defaults or license agreements, and actually make a good run of proving you actually want to be above board with customers instead of scoring another quick buck off your position as the manufacturer and maybe reactionary forces won't be as extreme.
Hey, if the car manufacturer wants my data, fine. But they should have to buy it from me, not be allowed to build a system that gives them my data for free by default.
What Tesla does in particular is extremely egregious: Even if you don't pay for Autopilot and hence can't use those sensors, Tesla still collects data using sensors you own on your car!
> not be allowed to build a system that gives them my data for free by default.
What do you mean by 'not allowed'? You have the option to not buy tsla if it's such a concern to you. There are tons of ppl who are ok with giving out their data for free, why shouldn't they be 'not allowed'?
Weird argument, I don't like it so no one else should either.
> What do you mean by 'not allowed'? You have the option to not buy tsla if it's such a concern to you.
This is a dangerous way of thinking. Transportation is a requirement for getting ahead in life. Signing away your rights to privacy should not ever be a requirement to obtain transportation.
The U.S. federal gov’t, via HIPAA, took a stance on what health providers could do with patient data, rather than settling for a stance of “just find the nearest hospital with your preferred terms and conditions” or “keep in mind you don’t need to see a doctor”.
I am not claiming Tesla is the only one, I used that as an example. You are making the inverse claim that you cannot buy a non connected car with your "don't need to see a doctor" analogy.
Article is not about cars that "have computers and data", it's about connected cars that are sharing personal information (how fast we drive, where we live, how many children we have — even financial information) with manufacturer.
Do you know what % of cars in the market today are sending this information back to manufacturer?
FTA, it’s clear the author is talking about what they see as an impending issue:
> What carmakers are doing with the collected data isn’t clear. We know they use it to improve car performance and safety. And we know they have the ability to sell it to third parties they might choose. Indeed, Ford’s chief executive, Jim Hackett, has spoken in detail about the company’s plans to monetize car data.
I am ok with cars collecting metrics about my car and improving safety. But I am not ok with car collecting info about my children.
Author (and you) are conflating all of it and calling it "data". I have no idea which car companies are collecting data about my children. Do you?
Spinning this into "they are coming for your children" is totally disgusting.
Even the line you quoted is dishonest.
> And we know they have the ability to sell it to third parties they might choose. Indeed, Ford’s chief executive, Jim Hackett, has spoken in detail about the company’s plans to monetize car data.
Here is the exact quote:
"We know what people make. How do we know that? It's because they borrow money from us. And when you ask somebody what they make, we know where they work, you know. We know if they're married. We know how long they've lived in their house because these are all on the credit applications. We've never ever been challenged on how we use that. And that's the leverage we got here with the data."
This has nothing to do with data collected by cars. Yes, loan application data should be regulated for privacy but that's irrelevant to the topic under discussion. Loan application data is not "car data".
Also, Jim Hackett did not mention anything about selling data, yet putting those two lines together and using the word 'Indeed' sounds like monetize here means Ford plans to sell (info about your children) to third parties. In fact it already might be illegal to sell that data [1].
Links to this McKinsey study as a source:
https://www.mckinsey.com/industries/automotive-and-assembly/...
Which says:
> Today’s car has the computing power of 20 personal computers, features about 100 million lines of programming code, and processes up to 25 gigabytes of data an hour.
McKinsey doesn't cite any sources. But more importantly, processing 25 GB/hour is not exactly the same as collecting it. The latter, in the context of this article, is definitely trying to imply that the data is stored in some sort of semi-permanent record. So, the piece is at least a little disingenuous. That said, I agree with the premise that to the extent data is saved, it should belong to the vehicle owner, not the manufacturer.
Tangent: "the computing power of 20 personal computers." What are they trying to say here? I've got a 2017 Chevy Volt and 2016 Mazda CX-9 and I'd be shocked if there were half that much computing power between the two of them. Maybe they are trying to say there's 20 CPUs among the various systems in a modern car? Still that seems like a lot.