Accidental data sharing: could your car be sharing personal data with strangers?
John Chuhan, chief risk officer at Alphabet examines why the data generated and stored in your vehicle is just as vulnerable as information stored on a mobile phone or laptop.
The web-enabled world we live in today means we are constantly connected, whether we like it or not, even while travelling. Connected cars are a big focus for UK industry and society at the moment, as well as increasingly popular with the public. This year the Government has invested £20m in funding research into communications between connected vehicles and the world around them – so called ‘talking car technologies’ – as part of part of a £100m Intelligent Mobility Fund. While the ambition of these projects is to cut costs, time, congestion and emissions, have you considered that intelligent mobility could also be reducing the level of security of our personal data and private information?
The pace of modern life means we have rightly or wrongly come to expect our connected devices to support us at home and work, at the click of a button or even through voice control. When you think about this in a car, such technology could be planning a journey to a business meeting and return home again with in-built navigation, taking a call via Bluetooth, streaming music or accessing the internet and email through Infotainment systems. We rely on data such as phone numbers and addresses being instantly available on demand. However, what is helping to save us time as we multi-task our way through the day, could actually be a playground for cybercriminals or those who want to access your personal information.
In an economy where car finance and leasing is often preferred to outright ownership, many of us are now familiar with handing our cars back at the end of its contract or lease; or even returning a rental car. Increasingly some of us are now sharing our vehicles with others within our company or organisation. But what most people aren’t aware of is that the data stored in our cars remains in the vehicle’s memory long after it is handed back, or that it is still accessible even when the car is switched off. This could make both the driver and business vulnerable, with popular travel routes, home addresses, recent phone numbers, messages and emails all at risk of falling into the wrong hands. So greater awareness of how to ‘clean’ a vehicle of personal or confidential information is paramount.
Connected-cars are vulnerable to someone with the right know-how, software and access to the diagnostics port in the vehicle where sensitive information is stored. But its not all bad news, more connected vehicles offer drivers and businesses huge advantages; some even now ‘call home’ to their manufacturer with details of a maintenance requirement or to enable a leasing company to contact the driver to book a service.
We need to start treating our cars as we do our laptops and smartphones when it comes to security. You wouldn’t replace either without clearing out all of your personal information first; an attitude that we need to absolutely replicate with our modern vehicles.