Connected cars are not the future anymore but are being introduced in the market in increasing amounts. Connectivity innovations have transformed the automotive industry, much like several other industries and sectors. These remote control cars bring huge amounts of benefits to their consumers, such as remote control ignition and locking mechanisms via mobile applications, enhanced entertainment systems, Wi-Fi access, and media streaming. Tesla cars are currently the most advanced in the connectivity aspect as the company’s latest vehicles feature advanced remote control capabilities. However, these offerings come at a potential price pertaining to data privacy and cybersecurity risks.
The newest Tesla cars are equipped with all sorts of sensors and integrated cameras whose main function is to collect as much data from the consumers as they can. These components are governed by advanced AI software that keeps a close look at the drivers’ patterns and habits so that the car can provide them in a better manner. Nonetheless, they do accumulate and transmit data, and it is stored in a database that is always at a risk of being the target of cybercrimes. The potential risks associated with leaked or breached data include threatened safety and security mechanisms of the car and, though extreme but definitely plausible, full remote control of the vehicle.
By looking at the rapid pace at which the automotive industry is moving towards autonomous and connected vehicles, it is clear that these risks will only increase due to complex and integrated electronic components and application reliance. A 19-year-old German researcher who specializes in cybersecurity discovered a flaw in the software of Tesla that allowed him to disable security systems of some of the company’s vehicles, start them without keys, and unlock their windows and doors. David Colombo, on January 11, 2022, remotely-accessed 20 Tesla cars across 10 countries without the knowledge of the vehicles’ owners. He could remotely open windows and doors of the cars, play music in them, pinpoint their exact locations, and turn their flashlights on or off, along with performing several other functions. The vulnerability has been allocated a CVE by a security vulnerabilities cataloging company called Mitre, and the senior security consultant who works at SpiderLabs and owns Sakura Samurai also called Colombo’s findings ‘a serious security concern.’
Even other than this instance, the fact remains that the new remote control cars that Tesla has been introducing accumulate, utilize, and store your personal data. From the autopilot feature of Tesla cars to its advanced summon feature, all remote control, artificial intelligence, and machine learning offerings of Tesla cars require their owners’ data in order to operate. While we all want our cars to autonomously track us through our phones and come to us with just the press of a button, find parking spaces for us, navigate complex environments, and read instruction signs, how many of us are ready to put our personal data on the line for that?
Data Privacy Risks That Come With Remote Control Cars
You can unlock and start your Tesla car remotely, from virtually anywhere, with the mobile application, which will ask you to enter your login credentials. That means that if anyone gets access to just your username and password, they will be able to unlock and operate your car. Tesla’s Model S is a flagship car when it comes to connected vehicles and has drawn much attention from hackers. A conglomerate of the Chinese technology, Keen Security Lab of Tencent, published a demonstration video of remote hacking of a Tesla Model S that they carried out after discovering vulnerabilities within its software.
However, it is not only the remote control vulnerabilities of Tesla cars that are reasons for concern. Data privacy is also a major aspect that the advanced features of these vehicles threaten. There are several Tesla vehicles that are always recording their drivers’ as well as passengers’ videos and transmitting their footage through cameras that are located inside the vehicles. Although the main function of these cameras and the driver monitoring systems that they are a part of is to protect the drivers by ensuring that they are paying attention to driving, the data privacy concern is something that they come attached with.
Similarly, your vehicle’s location is constantly tracked, and so is yours through the Tesla application. Sentry mode is another feature that is always on the lookout for any suspicious activities around the car when it is locked or parked through cameras and sensors. Its purpose is to make the car react in a befitting manner depending on the nature as well as the severity of the threat, but wherever you are taking the car is being recorded nevertheless. Tesla has stated that it views and studies the recorded footage for research purposes and to make its self-driving technology improved and enhanced.
If we take a look at the approach that other automakers, other than Tesla, take to ensure that their vehicles’ drivers pay adequate attention to the road, they use infrared technology that closely monitors the head positions of the drivers along with the movements of their eyes. These systems are called closed-loop systems, and big automobile manufacturers, such as Subaru, GM, Ford, and BMW, utilize them to carry out the same purpose almost as effectively as Tesla. This closed-loop approach certainly does not present the same data privacy concerns as recording and transmission of video and data does because whenever a video gets recorded, there is always a way to access it in the future.
“There may be legal protections around who can access it and how, but there’s always the possibility that insurance companies, police, regulators, and other parties in accidents will be able to obtain that data.”
– John Davisson, Senior counsel at Electronic Privacy Information Center (EPIC)
Along with these foreseeable use cases, Davisson also warned about cybercriminals and ill-meaning actors accessing recorded data or video footage, as well as Tesla either selling it or using it for purposes other than just research for safety.
Driving monitoring systems are all set to become a mandatory component of all vehicles from 2023 onwards, according to Europe’s Euro NCAP program regarding automotive safety. However, the program is looking for real-time monitoring of drivers’ attention on the road that can alert them at sensing distracted demeanor and not record or transmit any information about the driver. Currently, several Tesla cars are equipped with a real-time monitoring system that gauges drivers’ attention through the pressure on the steering wheel. Experts call it useless and say that it can be easily tricked and that just because a driver has their hands on the steering cannot imply that they are focused on driving.
You Can Always Opt-Out, But Is It Helpful?
Owners of Tesla cars are given a choice by the company to “protect” their data privacy by opting out of the transmittance of their in-car videos. However, in most cases, the owners of the vehicles that opt-in for the option do not know the extent to which their information is being shared. And Tesla’s claim that the footage that gets transmitted is not paired with the identification number of the vehicle does not lessen the severity of the case as the faces of the drivers and passengers of the vehicles are visible in the footage. And what if a driver consents to be recorded, but a passenger sitting in their car does not? Furthermore, the fact that the automaker is able to make responses to drivers in its Full Self-Driving beta and the company having the ability to remove a participant from the program makes it clear that at least those cars are very identifiable.
Our Final Thoughts
There is no denying the fact that advanced features in vehicles offer great utility and huge benefits to people. However, there is a strong need for laws to ensure that automotive companies keep their bottom line behind people’s data privacy. Currently, the way Tesla is programming its in-car cameras underscores the importance of sensible and strong consumer data privacy protections and rules. It is possible that many reasons for which Tesla uses these cameras are unforeseen as of yet.
Article by [author-name] (c) Irish Tech News - Read full story here.