Canadian Dealerships Access Greater Vehicle Data Privacy Protections

Privacy4Cars will distribute its patented data protection technology to a wide network of dealerships throughout Canada in a partnership that is the first one in North America for the data security provider.

The exclusive agreement with HeyAuto, an automotive shopping and technology company that offers connectivity products and services for dealerships, will provide the company with the software needed to maintain and certify personal data privacy for vehicle owners at 2,400 dealerships.

An average of two million used vehicle are sold in Canada each year, said HeyAuto CEO Brett Jones, citing figures from DesRosiers Automotive Consultants. Four out of five of those vehicles still have some form of previous owner data attached, which includes rental vehicles, fleets, and government vehicles. The Privacy4Cars proprietary data deletion solution offers a certified process to verify data scrubbing and compliance.

“We saw a massive benefit with the Privacy4Cars data protection,” Jones said. “It’s a necessity for the Canadian dealer market to ensure consumer protection at the data level for vehicles. The time was right to introduce it to the Canadian market.”

Data Privacy Protects Buyers

HeyAuto’s suite of micro-services and the ability of its technology to scale up was a natural fit to integrate with Privacy4Cars software platform. Dealerships on HeyAuto’s platform will be able to reduce their business risk and liability as well as ensure consumers gain peace of mind that their personal data is protected.

Jones and Privacy4Cars founder and CEO Andrea Amico met in early November 2022 to discuss the partnership after Jones had been following Privacy4Cars and connected through a colleague.

“Companies are paying attention and hungry for solutions,” Amico said. “This is a great way to address that by partnering together to bring solutions to market at scale.”

As is the case in the U.S., governments in Canada and the European Union are collectively passing stricter privacy laws and protections while pressuring dealerships and vehicle suppliers to comply, Amico said. Canadian businesses could face heavy fines calculated as a percentage of their revenue if they fail to meet data security standards. Furthermore, an EU law called the General Data Protection Regulation (GDPR) requires trading partners to maintain the same level of data compliance.

Data Exposure Incurs Risks

Among the leading data privacy concerns for vehicles are geolocation information, biometrics, credit card entries, and phone contacts, Amico said. “Every time you connect a phone, cars can download a lot of information, and find anything from calendar entries to photos. Consumers have no idea that if you sync your phone to the car, it will suck out text-based data.”

In one situation Amico described, the buyer of a used vehicle was upset when his newly bought car broke down. He was able to access the data of the previous owner, including the address, and then showed up at his home to confront him.

“You would never unlock your phone and hand it to a stranger and walk away,” Amico said. “Your car is like an open cell phone on wheels for the next person to tap into that data.”

Vehicle data risks were seeded about two decades ago when Bluetooth and OnStar first emerged, Amico said. In the last 10 years, digital communication and interactive technology on vehicles have multiplied. As a result, encrypted phones dump data into unencrypted vehicles, which are easy to crack.

The Privacy4Cars data protection software contains a patented process that takes in the car’s VIN and scours the systems to identify and measure the data, and then manages its removal, or data wipe, Amico said. “The vast majority of cars do not have encryption. It’s as if you drop a thumb drive with all your information in a parking lot and hope nothing will happen.”

The certified process takes dealership technicians about 1 to 1.5 minutes per vehicle.

“The security, privacy, and structure of the database and technology stack have been essential to our service,” Jones added. “That’s why the partnership makes clear sense.”