Keeping Vehicle Data Safe in an Evolving Remarketing Landscape

Remarketers of today already have to think about the personally identifiable data stored inside the vehicles they’re remarketing. These concerns, and the data stored in vehicles, will grow exponentially as vehicles, and the technology inside of them, continue to evolve.

This is why associations like Auto-ISAC, the IARA, along with companies like Jack Cooper Logistics, are already analyzing and implementing ways to distribute knowledge and best practices when it comes to personally identifiable information.

In a recent study conducted by the IARA, in association with various auctions in the U.S. and Canada, 400 cars were analyzed to see how often personal data from a previous owner was left in a vehicle. The vehicles analyzed covered 12 manufacturers and 32 makes, and what the IARA found was that more than half of the vehicle had some sort of personal information still in it.

In a discussion hosted by the IARA and led by Andrea Amico, president of Jack Cooper Logistics along with Faye Francy, executive director of Auto-ISAC, the two discussed the transitional period we’re living in where people don’t realize how much data their car has on them, and the steps that can and should be taken to safeguard their information.

Protecting Data inside a Vehicle

A person looking at the data stored inside a vehicle can gain access to a wealth of information on the person driving it, noted Amico. Using stored GPS data, call logs, messages, a viewing eye could ascertain where a person lives, where they work, where they go to school, and where they like to go for breakfast on the weekends, he added.

When vehicles become even more interconnected than they already are, the amount of information that could be gathered on a driver will only logically increase. To ensure that current, and future, data is safe, Amico suggested that one of the first places that should be looked at should be a vehicle’s dashboard.

He brought up the fact that a typical dashboard inside a vehicle today has anywhere between 30-60 buttons.  This means that if an individual wants to attempt to clear the data on his or her vehicle, he or she needs to maneuver through all of these buttons in order to find a way to clear his or her data.

This shouldn’t be the case, he added, a dashboard should be designed to simplify a user’s interaction, not complicate it. A design philosophy that he encourages manufacturers to follow would be that of an iPhone. An iPhone has only four buttons, making it simple to operate. Not only, that, but one of the button’s sole purpose is to lock the device, which is something that should be found in vehicles, he noted.

“I don’t think anybody in this room should ever be worried about having to delete information,” Amico shared to a room of remarketing professionals at the Conference of Automotive Remarketing (CAR).

Another method of keeping data secure would be implementing dual factor authentication into vehicles.  By implementing dual factor authentication, a person would be required to enter a PIN in order to essentially log in to their vehicle. If an unauthorized user failed to enter the correct PIN multiple times, the system would lock and personal data could be reset.

In order to accommodate vehicles with multiple drivers, such as a family car or a fleet vehicle, a profile system, similar to the one you find on Netflix, could also be added to vehicles, Amico noted.

Drivers would have their own profile, as well as their own separate PIN in order to log into their respective profile. This would prevent unauthorized access to an individual’s data, since each person’s data would only be accessible by their respective profile, Amico added.

“Privacy-by-design should be built into future cars, but we don’t have to wait for the car of the future to start tackling this issue. That’s why IARA started the Privacy and Cybersecurity Group,” Amico noted.