>"Car Data, will create an ecosystem to link the ever-expanding set of vehicle data to authorized data usage, such as pay-how-you-drive insurance, road monitoring, and fleet management."
I hope for once to be surprised with privacy features..
So today a consent of the vehicle owner is required and the owner needs to document the they “posses” the rights to the vin. This is how it works for bmw: you request data through that portal, the portal requests the access through the manufacturer. The manufacturer sends a consent request to the registered owner via email. If consent is granted via connected drive portal, data market starts receiving data and so do you. To even be eligible for consent request, the vehicle needs to be car data enabled which is done at a dealership with pen and paper signature. At least that’s how it works in Germany right now.
Disclosure: I know the sales and tech team at Caruso Dataplace but I’m not connected to the company in any commercial way.
That I do not know. All I know is: if there is no signature to consent to car data sharing, nobody ever will be able to request the consent. The car may be trying talking to manufacturer but what happens there, I do not know. This is all regulated by the ISO 27017 standard.
How does the manufacturer have the owner's email after something like a private resale? Would they just send the consent request to the original purchaser?
It should be easy enough to prove ownership to a dealer or whatever and have them update the registration. It seems to me that the corner cases there are more unfortunate than dangerous.
Depends how you purchase the second hand vehicle. If the first owner did a trade in, it’s all easy to manage.
If it’s a direct sale, I guess it’s worth asking the first owner for the connectivity status. Even so, I believe a visit at a dealer with registration document would get that resolved pretty fast.
Pretty sure that in the US, the various states provide manufacturers with updates to vehicle title and registration changes. This is primarily so that vehicle owners can be notified of safety recalls.
I'm the co-founder of https://smartcar.com and we are in an adjacent space. We provide an API for cars to make it easy for developers to integrate with vehicles. Part of that process is to let consumers go through an Oauth flow and accept permissions before an app has access to a vehicle.
In my opinion, it's possible put privacy in the hands of consumers and enable developers to buidl apps for cars easily. I'm hoping this consortium adheres to these principles too.
will it merely be a generic initial 'i agree to terms and conditions' or a fully transparent, ongoing process of transferring data, with the user having ultimate control. If the latter is true, i salute you and wish you luck.
P.S. There's no other way for developers/apps/businesses to obtain access to a APIs for a car. The owner of the car has to explicitly go through this flow.
Letting users hand over their data with just an OAuth prompt ceased to be acceptable in 2018 when Cambridge Analytica extracted data from millions of naieve Facebook users who just clicked "accept" to hand over data...
I hope your platform only allows users to hand over data to thoroughly data-security-audited companies or your platform might be in for a rude awakening...
That's a great point. In that particular case, there was also the matter of a Facebook users unknowingly having the ability to share not just their own data, but data about their friends to a third party.
In our case, a car owner can link their car to a app of their choice. It's a lot like how you can link your bank to an app like Venmo or Robinhood. We do vet all businesses using our APIs, but a data/security audit of customers seems challenging and uncommon.
Are you aware of any services that help facilitiate this or any platforms that do this today?
well.. they buried it in there a bit, but they did include a way to get out of running google analytics on all websites in a given browser through an extension.
As I understand it, the CCC's Digital Key specification is what actually powers tech like Apple's Car Key and Samsung's Digital Key. Is there a list of cars that support this spec anywhere? I haven't been able to find any information outside of a couple of press releases.
That address serves as their administrative headquarters. As consortia, they have no true employees and work with an AMC to provide these functions. The CCC uses VTM Group as their AMC, much like USB-IF.
I'm going to have to go ahead and say "no" to any more connected devices until I can share in the revenue stream that monetizing my behavior and travels generates.
If you expect ad revenues to be shared with you, you'll just end up with more ads or you'll have to pay the advertisers through commissions on the product you buy (cost of advertising is always including in the sold products that were advertised for).
I guess insurance could be cheaper for people who drive defensively. I'd sign up for that.
I imagine a future where people who drive recklessly get their insurance contracts cancelled and have to pay ridiculous premiums to get a company to take them. That's a dystopia I could kinda live with.
No thanks. I do not want my privacy violated, security comprised, or have my devices depend on connectivity/degrade without connectivity. I also don’t want an insurance industry that forces us to live under the watchful eye of a behavior nanny for mundane daily things like driving.
Odd, I was just testing the mirrorlink protocol on a Samsung device and discovered it was dropped last June by Samsung. I wonder if they will have better luck with this effort.
33 comments
[ 4.1 ms ] story [ 87.5 ms ] threadI hope for once to be surprised with privacy features..
"Where did you go today? We know." - Car Data slogan?
So today a consent of the vehicle owner is required and the owner needs to document the they “posses” the rights to the vin. This is how it works for bmw: you request data through that portal, the portal requests the access through the manufacturer. The manufacturer sends a consent request to the registered owner via email. If consent is granted via connected drive portal, data market starts receiving data and so do you. To even be eligible for consent request, the vehicle needs to be car data enabled which is done at a dealership with pen and paper signature. At least that’s how it works in Germany right now.
Disclosure: I know the sales and tech team at Caruso Dataplace but I’m not connected to the company in any commercial way.
It should be easy enough to prove ownership to a dealer or whatever and have them update the registration. It seems to me that the corner cases there are more unfortunate than dangerous.
If it’s a direct sale, I guess it’s worth asking the first owner for the connectivity status. Even so, I believe a visit at a dealer with registration document would get that resolved pretty fast.
In my opinion, it's possible put privacy in the hands of consumers and enable developers to buidl apps for cars easily. I'm hoping this consortium adheres to these principles too.
You can see an example of this flow on our homepage: https://smartcar.com/product/connect/
P.S. There's no other way for developers/apps/businesses to obtain access to a APIs for a car. The owner of the car has to explicitly go through this flow.
I hope your platform only allows users to hand over data to thoroughly data-security-audited companies or your platform might be in for a rude awakening...
In our case, a car owner can link their car to a app of their choice. It's a lot like how you can link your bank to an app like Venmo or Robinhood. We do vet all businesses using our APIs, but a data/security audit of customers seems challenging and uncommon.
Are you aware of any services that help facilitiate this or any platforms that do this today?
They link to it under their cookie policy: https://global-carconnectivity.org/wp-content/uploads/2020/0...
Sign me up.
But this is why I drive a 20yo car and am serious considering replacing my current iPhone with a burner Dumb phone.
The value proposition just isn't being made nor delivering anymore!
I hope electric cars take advantage of their simplicity and become very repairable, but I'm worried given Tesla's behavior.
I imagine a future where people who drive recklessly get their insurance contracts cancelled and have to pay ridiculous premiums to get a company to take them. That's a dystopia I could kinda live with.