Author: Michelin
When you drive a car out, your actions, expressions, words and deeds, your location, and the scenery on the side of the road… all these information that used to require “professional agents” to master in movies, can now be obtained with just one smart car.
Not long ago, a car blogger shared the “magic function” on his HiPhi X for personal use: After entering the built-in driving recorder interface and clicking on the wifi icon in the lower right corner, you can see the distance of other vehicles across the country on the “car-to-car connectivity” page, and by clicking in, you can even see the screen of the other party’s driving recorder.
Subsequently, HiPhi Automobile issued a statement stating that the “car-to-car connectivity” function used for fleet travel needs to confirm the privacy statement before it can be turned on, and “there is no leakage of user privacy.” The statement seems to have temporarily put an end to this matter.
For online netizens who are always online, harassing phone calls that leak information, personalized recommendations on video websites, and “audio theft” recommendations on shopping websites may seem ordinary, but when the camera footage is presented directly in front of them, such an intuitive feeling of being “spied on” still arouses everyone’s nerves. The speculation about “privacy leakage” that surrounds smart cars, cameras, big data, and the Internet has far from come to an end.
With the introduction of new features and the attempt of new technologies, it is inevitable to encounter various problems that have never appeared before, especially as the single-car intelligence is gradually being explored, when more car-to-car connectivity functions begin to appear, how to protect privacy while sharing information between cars will be a challenge that HiPhi and the entire industry will face.
We cannot deny the value that comes with the camera getting on the car because of a flawed function, nor can we deny HiPhi’s attempt on car-to-car connectivity functions. But this also makes us more intuitively think about the issue of privacy as users, when the car is gradually becoming intelligent.
All conveniences are secretly marked with a “price”
The camera has been plagued with “privacy” problems since its appearance, from the notebook camera in the early days to the home electronic eyes where “peeping scandals” frequently occur. When smart cars cannot do without cameras and other sensors, privacy issues are transferred to smart cars.
The privacy crisis caused by cameras, Gaohebing is not the first example. In April 2021, Tesla hacker “Green God” shared the images captured by the camera inside the Tesla car after hacking it. The camera clearly recorded the actions, driving status and even the expression and demeanor of the people inside the car. Tesla stated that the camera was designed to facilitate the system to learn human driving behavior and improve the autonomous driving function.
This is not unique to Tesla. For every smart car, the camera is almost a standard configuration. Some cameras are installed in the cabin, used for driver and passenger status detection. Thanks to these cameras, we can automatically adjust the seat settings by FACE ID after getting in the car; detect when the driver is tired and issue timely warnings to avoid danger; and even learn to observe people’s words and expressions to provide proactive services.
Compared to people’s sensitive personal privacy in the car, information outside the car seems to be more easily overlooked. As an important hardware for smart cars to perceive the external environment, cameras help vehicles judge road conditions while collecting and processing real-time information on road environment. The crowdsourced map that is widely promoted by car manufacturers today as an advanced intelligent navigation and assisted driving mode is relying on ADAS perceptual hardware on mass-produced cars to dynamically collect, process and build models of the environment, and obtain real-time updated crowdsourced maps.
From simple facial recognition to learning to observe people’s words and expressions to provide proactive services; from detecting obstacles outside the car to learning to deal with complex driving situations, it is undeniable that the intelligentization of cars grows under the “feeding” of massive data obtained by cameras and sensors.
“In the era of big data, there is no privacy.” Although this statement sounds somewhat alarmist, it is largely true in reality. People who are sensitive to their privacy may say, “I don’t need those fancy functions. As long as the car can drive, it’s good.”
However, even if you turn off your camera and network, it is difficult to avoid experiencing intelligent convenience, which is built on other people’s cameras and data. Whether it is cameras, sensors or the collection of surrounding environment, data and user states, their original intention of “getting on the car” is to provide better services and convenience, which is not their original sin.
But just like not everything will develop as expected, not all cameras on cars are used for “technology for good”, such as opening up the function of onboard driving recorders to the public this time.It’s hard to imagine what strong demands or necessary technology is driving the need to share the footage from one’s own dashcam. In Gaohe’s statement, they mentioned that the feature of sharing dashcam footage is part of the functions of V2V and vehicle-road synergy. Does that mean sharing one’s own footage is necessary to achieve V2V functions? Apparently not.
Note that “privacy policy notification” is only the bottom line. In the past, Li Yanhong’s statement “Chinese users like to trade privacy for convenience” has sparked anger among many internet users. However, nowadays, sacrificing too much privacy not only fails to bring any convenience, but also brings potential danger. These privacy leaks, whether the result of mistakes, vulnerabilities, or intentional actions, have been happening frequently. Perhaps the reason is that the cost they pay is not so high.
Compared with the internet and intelligent mobile devices, smart cars can be said to be relatively young since their birth. Corresponding laws and regulations and industry norms are still being gradually established. Starting from October 1, 2021, the “Regulations on the Management of Automotive Data Security (Trial)” has been implemented, which has established specific management norms for the data security of smart cars. The “Regulations on the Management of Automotive Data Security (Trial)” requires that unnecessary information should not be collected, and default setting should be collecting nothing every time. For personal information and important data used in the research and development of automatic driving and intelligent cockpit technology, car manufacturers should not “silently” claim this information as their own, nor should they make this information public as a function or gimmick.
When the vehicle needs to process personal sensitive information such as vehicle trajectory, the necessity and impact on the individual should be informed in a significant way, such as user manuals and display panels. “Privacy policy notification” has become the bottom line for many functions related to vehicle safety and privacy.
In Gaohe’s statement, it can be seen that when the user confirms the second time on the switch-on page, the user is notified that “the dashcam footage will be shared”. Regarding this, GeekCar interviewed a related lawyer, who stated that the notification of “sharing dashcam footage” in the second confirmation did play a role in risk notification, but in necessary circumstances, specific descriptions of potential risks, such as leaking location and personal privacy, still need to be made. For special functions, the frequency of access should be restricted, and manual operation is required every time it’s used when necessary.
This reminds me of what Jobs said about “Apple’s privacy principles”:
When some people are willing to share more data, ask for their consent, and ask every time. Even when they get fed up, you still have to let them tell you that you don’t have to ask anymore. And you have to tell them exactly how you will use their data.
Each smart car generates 10T of data annually. When the data of the smart cars is within reach, neither the car manufacturers nor the suppliers are the natural owners of these data. “Secondary confirmation” and “privacy policy statements” are not a “get-out-of-jail-free card” after vulnerabilities occur.
The Bottom Line
In the book “The Age of Big Data,” there is a saying that big data does not provide the final answer, it only offers a reference answer. It provides temporary help for us, waiting for better ways and answers to emerge.
The same goes for the era of smart cars today. Whether it’s a car-mounted camera or a large amount of data generated by a vehicle, they are all reference answers on the road to the final answer. While utilizing them to provide temporary help, this double-edged sword is destined to bring potential risks.
Is a smart car surrounded by cameras really free of privacy? I think in this era, pursuing absolute privacy is not easy, but that does not mean that users’ privacy should be abused and sacrificed for some optional features or gimmicks. When privacy breaches occur time and time again, and users are asked to take responsibility with a long “User Manual,” trust in the brand and smart cars is gradually eroded.
This article is a translation by ChatGPT of a Chinese report from 42HOW. If you have any questions about it, please email bd@42how.com.