Data ownership and privacy are largely open questions. When a company collects data, several factors must be taken into consideration. In addition to the question of who owns the data that is being collected, these include who has access to the data, what the data is being used for, and who has control over how the data is used.
When it comes to the connected car, these questions are particularly significant because vehicles that are generating data often are used outside of work hours and work-related activities, meaning that people’s personal data are being collected.
Rather than simply asking who owns the data, industry participants should seek to understand who needs the data and how it is used to add value. In many jurisdictions, personal data are not subject to property rights in the traditional sense. To avoid confusion, it is necessary to differentiate between different kinds of data (such as personal, vehicle related, fleet related, and aggregated) and the context (consumer vs. commercial, for example). If ownership is defined as having the right to decide what happens to private data, then I believe that private individuals or the companies they work for have that right.
Who Has Access to the Data?
Individuals who generate this private data should have a right to know who has access to their private data. If someone’s vehicle is being tracking by their employer during their private time, then that individual should know who can see his or her private activity. Likewise, individuals and companies should know who at the telematics provider or anyone else who has access, directly or indirectly, to that data.
How Is the Data Being Used?
The company and the individual should know that their private data is protected. In addition, they also should know how their aggregate, or non-personal data, is being used. Many companies won’t do this, but I think that when people see the benefits to society in general through analyzing the shared data that there will be a better understanding of the importance of telematics in vehicles.
How the data are used is dictated by the company that implements an on-board diagnostics (OBD)-based telematics system, and the prevention of usage is negotiated between the company and the driver whose vehicle is being tracked. It is essential, however, that drivers have the right to request the deletion of their personal data, though ultimately this is a decision that is made by the company.
In the United States, a new legislative proposal would limit the collection of any data from a vehicle to instances in which the owner has given express consent. In this context, especially to the extent that it involves personal data, communication of the benefits of telematics-enabled fleet management will be crucial; the clearer that these benefits are articulated, the stronger the fleet industry’s position will be to advocate credibly for a fair and practical balance between privacy and data-enabled fleet management.
The types of data collected by the connected car range from speed driven, harsh braking, hard driving, seat belt usage, fuel consumption, vehicle faults, and factory voltage. The benefits of collecting this data include the following:
The data are accessible by the fleet owners, fleet managers, manufacturers and fleet repair personnel. The data are being used for safety, efficiency, and consumer protection while using company vehicles.
When it comes to data ownership, it is important to note that, in many jurisdictions, personal data are not subject to property rights in the traditional sense. For example, while an individual may (rightfully) think she “owns” her social security or passport number, these cannot be bought and sold. In a broader sense, however, the question of data ownership is often the wrong question. Asking who owns the data unnecessarily sets up an all-or-nothing paradigm that shuts out the opportunity for constructive, win-win solutions.;