Privacy: it’s a concept some aren’t sure still exists in a world where personal information is shared so widely. But it’s more important now than ever, and its effects on the collision industry are significant.
In a webinar presented recently by Collision Industry Electronic Commerce Association (CIECA), Adonne Washington, a leader on vehicle data and privacy at the Future of Privacy Forum, brought industry members up to speed on how privacy affects businesses and consumers and how shop owners can be at the front of that trend.
Privacy and Cybersecurity
As vehicle technology advances, amounts and uses of data proliferate. In today’s world, businesses and individuals need to be able to use data to function fully, and this fact deepens the importance of understanding privacy and security. Privacy, according to Washington, is the right to be left alone and/or to be free from intrusion or interference, and it goes hand in hand with the use of data.
Adonne Washington.
Data, she explained, can be nonpersonal -- lacking identifying details -- or personal -- phone numbers and the like. A deeper type of personal data is sensitive data like bank or social security information. Both non-personal and personal data, she said, can link individuals to vehicles, which is where privacy comes in.
In a policy context, Washington explained, the concept of privacy often concerns the right to control the manner of collection and use of personal information. Privacy matters on an individual level, she said, and on a wider scale to larger groups as in the instance of a data breach. She defined cybersecurity as the protection of data from exploitation and attacks but said strong privacy practices at the outset of data collection can offset the need to use it.
Washington said she finds businesses are often concerned about having data in their possession. Not everyone, she explained, is sure how privacy impacts their work. When it comes to vehicles, more software-defined features mean more data consideration, and attention to privacy on the part of the collector can mean safety for the consumer and peace of mind for those handling data.
Some concepts she advised collision industry members to think about in data protection include deidentification, itemization, strong cybersecurity practices, anonymization, privacy enhancing technology and data minimization.
It’s helpful, she contended, for business owners collecting or handling data to focus first on transparency to foster trust, which is essential for companies offering goods and operations. To establish transparency, companies need to tell individuals what data they’re collecting and how. They also need to tell consumers where their data is going and how it’s being used and if those uses could potentially lead to consequences for the consumer.
In deciding how to best pursue transparency for the work they do, those collecting data should consider whether they’re providing individuals with enough information to make a decision about how their data is exchanged with a business, Washington said. Businesses should also consider giving consumers on revoking consent for data collection later.
Understanding Legislation
It’s also essential, she said, to understand where privacy is implicated. Risks to privacy may not be completely eliminated, but data collectors can take steps to mitigate them by recognizing where protections can go into place for data and individuals implicated.
Understanding the legislative space is also important, she contended, as that understanding will signal what needs to happen at the developmental stage of data collection. More legislation today, she said, is covering niche topics concerning information and data, and it’s important to understand how regulation of those more obscure subjects can impact one’s industry.
Washington cited the Colorado Artificial Intelligence Act, which covers algorithmic processes and could impact automated systems in the day-to-day work of the collision industry. Taking extra steps toward due diligence in understanding compliance with tech or privacy laws is the way to go, she said, and will put industry members ahead of the game when it comes to handling data safely.
On the flipside of privacy is the added protection of cybersecurity, and business owners should be thinking about best practices to protect their business and the individuals they serve, she said. Federal entities like the Department of Transportation and the National Highway Traffic Safety Administration can provide guidance on thinking about cybersecurity across the industry.
Consumer Feelings
As technology in vehicles evolves and data collection becomes more woven in, consumers, Washington said, aren't against the technology. They just want to know their privacy is protected.
The FPF Vehicle Safety Systems Report, released in March, highlights that fact, she pointed out, with 34% of respondents indicating some trust in technology in vehicles. Many, she said, trusted vehicles in their data collection process, but a significant percentage had questions about those process or were unsure about them.
While the survey ultimately found consumers did largely view tech and its associated systems as something they wanted in their cars, they showed concerns about what information is collected and how it can be used, where it goes and how it might impact them personally.
Trust factors in heavily here: It’s important to ensure people can trust the data their cars are generating. Some of this data, Washington said, which can be generated from mechanisms like crash alert notices and alcohol detection systems, could be stored on cars and could bleed into collision work, so it’s especially important for industry members to cultivate a full understanding of data protection moving forward.
Elizabeth Crumbly