What does your car know about you?
What does your car know about you?
The Jastine Valdez case has flagged up some privacy issues surrounding electronic vehicle data. What does your car know about you? The answer is, probably quite a lot.
If your car is modern and has a big screen and a smartphone link, the likelihood is that your car is recording a lot of personal data and storing it onboard for future analysis. Added to this, if you buy a new car coming to the market within the next five years, then the answer is that it will probably record nearly everything about the places you visit, the things you do and the things you say. It will also determine your preferences and will record your medical conditions such as your resting heart rate.
A case in point is the awful murder of Jastine Valdez. Important information on the case has hinged on data taken from the Nissan Qashqai which was driven by Mark Hennessy. The data contained in the vehicle has helped investigators work out what had happened to the 24-year-old student after she was abducted in Co Wicklow a few weeks ago.
If the Garda could use his car’s onboard computer to figure out where the killer had been, what other information can be gleaned from your car’s circuits? If your car has a satellite-navigation system, just like your smartphone, it will record everywhere you go.
One cybersecurity expert, Art Dahnert from the firm Synopsys says:
“Most vehicles built within the last five years and fitted with an appropriate infotainment unit will be similar in the data that is available. Navigation data can be accessible, and usually, the navigation will contain the last origin and destination locations, as well as favourite places if the owner has configured that feature. This information isn’t very difficult to access. It is also possible to get more complete GPS location information, but that will be model-year dependent.
“Often you can retrieve Bluetooth connections, like your smartphones, as well as phone books and call history . . . Some additional metadata is stored, such as call times and length; these have to be retrieved with some additional software tools. Today’s law-enforcement agencies have the tools to extract most of the relevant personal data from the infotainment unit, if the model year supports it.”
In one case in the United States, a driver accidentally activated his car’s SOS system, the problem he ran into was that while accidentally activating the cars SOS recording system, he was in the middle of arranging a drug deal. The cars SOS call-centre staff heard the discussion and alerted police. The driver was arrested as a result of his own incriminating evidence against himself.
Legally speaking, who can access all the data that is contained in your car? Well, in a serious crime, the Gardaí can legally obtain data records from your vehicle. A Garda statement said:
“under the Criminal Justice Act 2006, if a member of An Garda Síochána has reasonable grounds to believe that an arrestable offence has been committed or is being committed, and there is in place evidence of, or relating to, the commission of an arrestable offence, gardaí can take such steps necessary to preserve any evidence of, or relating to, the commission of that offence.”
Basically speaking, your car’s electronic data can be fair game in an investigation. In the United States, among other countries, in-car technology has been read or even taken over by authorities in a process known as car tapping for more than a decade.
Lawyers have so far failed to convince courts that using vehicle data in this way is effectively compelling people to give evidence against themselves. In Ireland, a Law Reform Commission research paper suggested that such cases should not cite the privilege against self-incrimination, because the data is “evidence independent of the wishes of the respondent” and “not in itself an admission of guilt”.
This kind of evidential data could also be used to settle legal arguments in civil cases to do with crashes and personal liability but unless a serious crime has been committed, it boils down to who the data belongs to. If you own the car you also own its data. The opposing side’s legal team can ask for it, but you’re under no obligation to hand it over.
One instance where data is used for incriminating purposes is the satnav company, TomTom, who admitted to having given police data that showed where drivers were most likely to speed. Cameras and traps were subsequently set up there
The satnav company shared (anonymised) data that showed where drivers were most likely to speed. Cameras and traps were subsequently set up at those points. The Irish Times has asked the question:
“Is this a judicious use of data in the enforcement of road-safety laws or Big Brother techniques that turn our own data against us?”
“It’s a debate that needs to be had. The Garda did the right, and legal, thing in reading data from Mark Hennessy’s Nissan Qashqai. But with our cars hoovering up so much data about our movements, habits and preferences, we need to talk about how that information is used down the line.”