Under the Hood, with Big Brother

[David Farber <dave () farber net>]

Begin forwarded message:

From: Matt Murray <mattm () optonline net>
Date: November 8, 2004 7:50:51 AM EST
To: Dave Farber <dave () farber net>
Cc: mattm () optonline net
Subject: Under the Hood, with Big Brother
Reply-To: Matt Murray <mattm () optonline net>

Prof. Farber,

Another that might be appropriate for IP from "AutoWeek" (a
consumer automotive magazine). My version of avoiding an On-Star
contact would be to unplug the antenna, but to work around the
EDR might be a *bit* harder.

Matt Murray

mattm () optonline net


http://www.autoweek.com/article.cms?articleId=101136

-----------------------------------------------------------------
---------------
Under the Hood, with Big Brother

Forget Orwell's 1984-20 Years Later It's Our Cars That Are Giving
Us Up
BOB GRITZINGER
Published Date: 11/8/04


Someday it'll happen, probably when you least expect it. Just as
you countersteer while drifting out of a tight corner, or after
you punch the brakes hard, you'll hear the mechanically animated
female voice emanating from your car's audio system:

"Collision detected. Calling OnStar."

You need not be anywhere close to a collision, really. For our
road test team this summer, it was just a matter of running a
routine slalom in a Chevy Malibu Maxx-without so much as hitting
a rubber cone-when OnStar called to check up on our driver's
health.

If you're anything like us, it won't be until after you've
explained to the distant helper that you didn't have an accident,
the airbags did not deploy, and you don't need assistance, that
you'll begin to experience an uneasy feeling in the pit of your
stomach.

How'd they know that you were driving like that? What else do
they know? And who else knows?

Welcome to paranoia-ville-the driving equivalent of George Orwell
's 1984, brought to life here in the post-9/11 world of Homeland
Security.

Your first impulse might be to complain of the intrusion to those
behind the bright blue OnStar button, but here's a flash: You
should be far more alarmed by what alerted OnStar in the first
place-the "black box" insidiously hard-wired into your car's
electronic guts, unstoppable, unalterable, and unbeknownst to
most drivers, silently recording every dramatic move.

These four-inch square boxes (actually silver, not black)-known
as Event Data Recorders (EDRs) or Crash Data Recorders
(CDRs)-collect an array of information every five seconds as you'
re driving down the road. Unlike aircraft recorders pulled from
plane crash wreckage, EDRs don't record cockpit voices or such a
wide range of information over such a long period of time, but
they do constantly record everything from seatbelt use and airbag
deployment to throttle position and braking action-information
retained the moment g forces indicate a crash is imminent. The
threshold at which the EDR begins saving data (or sending a call
to OnStar for help) varies depending on the vehicle-wouldn't want
your C6 Corvette overreacting like a pick-up truck, now would
you?-but typically falls in a range from 1.0 to 2.0 gs. At the
low end, the module "wakes up" and begins retaining recorded
information, followed by a second threshold, typically when the
airbag deploys, when additional data is saved. Once retained, the
data typically is retrievable for up to 250 ignition cycles, or
about 45 days on average.

In short, EDR data can paint a fairly descriptive picture of
exactly what occurred in a vehicle in the critical moments
immediately before, during and after a crash. Used as intended,
data helps safety engineers make cars safer-and helps companies
cut their product liability risks-by learning from information
collected during real-world collisions.


"The technology is growing at the speed of light, and the laws
are back in the Stone Age. We're not saying 'Smash the black
boxes.' But we've yet to establish a legal regime that can put
some chains on this growing surveillance monster." - Barry
Steinhardt, ACLU Technology and Liberty Program (Photo by AP/Wide
World Photos)

"You can't shut it off, and you can't manipulate it," notes
General Motors safety engineering spokesman Jim Schell. Other
EDRs help technicians get to the bottom of service problems,
sometimes without a customer even driving into the service bay.
Similarly, OnStar and other helpful onboard services can provide
directions and infor­mation, track stolen vehicles, send help in
emergencies, and even save lives.

As with most technology in today's world, though, unintended
consequences are often the rule, not the exception. If your
Chevrolet Tahoe records a 1.0 g on-ramp maneuver and calls
OnStar, does that information help clear General Motors of
liability after your sport/ute unexpectedly rolls over five miles
farther down the road? Or if you're autocrossing your Miata one
weekend and file a warranty claim the next, what are the chances
your EDR will rat you out to the manufacturer who then voids your
warranty? And who is to say that recording a few seconds of data
might not lead to recording a few more seconds, and a few more
seconds, until automotive black boxes record and retain
information constantly just like the ones on planes? Maybe you
weren't speeding when the officer stopped you, but will your EDR
tell him that five miles or five days earlier, you were?

"It all seems to be going toward the idea of tracking people as
much as possible so companies can wring as much money as possible
out of people," warns Eric Skrum of the National Motorists
Association, a Wisconsin-based drivers' rights group. "Most
people don't even realize it's there, and nothing addresses who
owns that information."

OnStar says it, too, is opposed to giving up information from its
subscribers, but for purposes of business record-keeping
(internal quality and customer complaint follow-up, for
instance), the company does retain information from collisions
and near-collisions for up to 18 months at a time. Although
GPS-enabled, OnStar won't track down your cheating spouse, but
plenty of companies using similar technology will be more than
happy to trace your car's movements-for a fee. And while auto
companies and the general public remain as divided as the red and
blue states of the U.S. electorate on what information should be
recorded by EDRs and who should have access to it, law
enforcement, government regulators, insurers and the legal
community are already lined up and ready to reach into your car's
internals and retrieve recorded information that eventually could
be tougher to challenge than your own DNA.

"The technology is there, and it will do more than we can
imagine," says NMA's Skrum. "There are no safeguards in place-no
protections for the motorist."

Government regulators obviously have a keen interest in the
development and proliferation of data recorders. Though the
National Highway Traffic Safety Administration says automakers
are installing EDRs on their own fast enough without any
regulations in place, the safety agency has proposed a rule
mandating a standard by 2008 for all those voluntarily installed
EDRs. The rule proposes that EDRs collect up to 42 points of
common data readily downloadable by anyone with the proper
equipment, expertise and authority.

The rule is still under review, with adoption a year or more
away, but in all likelihood it will go into effect despite public
sentiment that so far is running 10-to-1 opposed, judging by
public comment on NHTSA's website.

"You are proposing to spy on citizens of the United States
without their consent or knowledge, to collect data that is a
potential legal liability for that individual," commented Rhode
Island resident William Bilotti. "This proposal, if carried
through, places all Americans on the slippery slope to Orwellian
government."

Another comment was more succinct: "FOAD." Translation for
clueless bureaucrats: "F*** Off and Die."

David Sobel, general counsel for the Washington, D.C.-based
Electronic Privacy Information Center (EPIC), worries about the
unintended consequences-and abuses-of EDR technology. Today EDRs
are collecting data for five seconds, but Sobel doesn't doubt
that "at some point somebody will suggest recording five minutes
or more" that could, for instance, allow police to ticket a
speeder without ever witnessing the driver actually speeding.

"There are many potential uses of this technology that are yet to
be conceived of," says Sobel.


Bad news for the citizenry, however. Lining up on the other side
of the argument are safety advocates, police, crash
reconstructionists, insurance companies and black-box
manufacturers.

The National Transportation Safety Board called for requiring
standardized EDRs in all light-duty vehicles after it was unable
to clearly ascertain what happened when an elderly driver plowed
through a farmer's market in Santa Monica, California, last year,
killing and injuring scores of people.

NTSB spokesman Keith Holloway said public concerns about personal
privacy shouldn't get in the way of providing a valuable tool for
accident investigators.


Dumb box got smarter

When it comes to today's fairly complex Event Data Recorders, you
can blame airbags for getting the ball rolling. Back in the
mid-1970s General Motors first began installing EDR-precursor
SDMs, aka Sensing and Diagnostic Modules, on cars fitted with the
earliest airbags. The SDMs recorded post-crash data
only-performance of the airbag and the severity of the crash as
measured in gs-so that engineers could download the data and use
it to make smarter airbags.

"It was set up strictly to record data for safety and research
purposes," says Jim Schell, GM safety engineering spokesman.
"That data can be invaluable."

Little changed for the next decade or so, and then in 1992 GM
fitted 70 open-wheel Indy race cars with SDMs. They were far more
sophisticated crash data recorders but still only capable of
recording post-crash information. While the post-crash data
proved useful to those trying to make racing safer, it also
suggested another possibility: Why not record data at the exact
moment of the crash-or even earlier?


By 1999 that's exactly where the technology had evolved, with GM
taking the lead on installing SDMs with pre-crash recording
functions in all its 2000 model year vehicles. Since then the
silver boxes built into every GM vehicle have recorded the
severity of a crash as measured by change in velocity over time,
airbag performance, driver seatbelt status, vehicle speed,
throttle position and brake status. Recording begins up to five
seconds before a crash, when the module detects a sufficient
change in velocity indicating a crash and airbag deployment are
imminent, and ends once the crash occurs.

Other automakers have come on board at varying levels of
sophistication and interest.         -BG

 "We don't want to record someone's whole route-we're focusing on
the last few seconds before an accident," says Holloway.
"Granted, some people could use that information [in criminal
prosecutions or lawsuits], but that is not our concern."

Not their concern. So do we do what's good for the government and
let the chips fall on the citizenry? Or are we just being too
paranoid when we sense that no one in government wants the
bothersome task of protecting our privacy?

Former NHTSA administrator Ricardo Martinez, who now heads
Atlanta-based Safety Intelligence Systems (a black-box
manufacturer), has urged NHTSA since 2001 to mandate EDRs in
cars. Though most crash reconstructionists argue that EDR data is
merely a supplement to a careful on-scene investigation, Martinez
argues that crash scene investigations are expensive,
time-consuming and often inaccurate. For instance, investigators
can no longer rely on skid mark evidence, because cars equipped
with antilock brakes, traction control and stability systems
often don't leave skid marks on the pavement. The marks they do
leave are not as useful to crash investigators as were the old
locked-wheel emergency stops.

Even our neighbors to the north have weighed in, sharing
experiences on how EDR data has helped to convict-and to
clear-Canadian drivers involved in crashes. On one hand, a black
box helped convict a Quebec driver involved in a fatal crash even
though he claimed the driver who was killed was at fault. In
another case, however, black- box evidence cleared a driver in a
fatal chain-reaction crash in Ontario despite witness testimony
that the crash was triggered by a reckless driver. Similar cases
have cropped up in the United States as well, including a case
where EDR data helped convict the driver of a Ferrari who crossed
the centerline at high speed and hit an oncoming car, killing the
driver. In another fatal accident case, however, a Florida driver
used EDR data to prove he wasn't speeding and beat the rap.

If there's a bright spot in the black-box debate, it's that most
everyone agrees that proliferation of EDRs must come with strong
rules governing notification of the EDR's presence in the vehicle
and what it might record, who owns the data, how the data can be
used and who can legally obtain it.

"Those rules are not anywhere close," warns Barry Steinhardt of
the American Civil Liberties Union's Technology and Liberty
Program. "The technology is growing at the speed of light, and
the laws are back in the Stone Age. We're not saying 'Smash the
black-actually they're silver-boxes.' But we've yet to establish
a legal regime that can put some chains on this growing
surveillance monster."

For now, simple notification that an EDR is aboard is about all
you can expect, and some companies don't even do that. But what's
the likelihood that such notices will be read and understood any
more than those long legal disclaimers people skip past when they
're installing software on their personal computers? Notification
matters in courts and to lawyers, but for Joe Public, it's mostly
a lot of empty words.

> > Even the Insurance Institute for Highway Safety, a private
safety research agency that rarely finds fault with greater
regulation on America's cars and trucks, has concerns that
valuable crash data from EDRs may be lost for research purposes
if privacy protections aren't part of the package. IIHS's Adrian
Lund also expressed concern that if federal regulations demand
that EDRs monitor too many safety systems, automakers may leave
safety technology off their cars to avoid having to also engineer
the EDR monitoring of those systems.

So far, California is at the forefront of black-box regulation.
In July the state approved a wide-ranging EDR law requiring
manufacturer notification to buyers and specifying that EDR data
is the property of the vehicle owner or lessee, and can only be
downloaded with the owner's permission or through a court order.


Smart cops are way ahead of the law, however. Sgt. Tim Brown, a
Michigan State Police crash investigator who is a seasoned
veteran in this infant field as a result of downloading some 50
EDRs from crashed cars in the past two years, recommends getting
a search warrant to download EDR data. He adds that he only uses
EDR evidence to back up what he has already surmised from his
field work, and he remembers the old computer rule: Garbage in,
garbage out. In other words, data from an EDR can be incorrect,
as appears to have been the case in a wintry spinout accident
involving Maine Gov. John Baldacci and his state police trooper
driver. According to a report in the NMA's May/June newsletter,
the trooper said he was traveling at 55 mph before the accident,
and a police investigation placed the speed at between 55 and 65
mph. But the black-box data downloaded from the state-owned
Chevrolet Suburban erroneously recorded the vehicle was traveling
at 71 mph five seconds before its airbags deployed. "The general
public already thinks police can push a button and say 'Here's
where they are and here's how fast they're going,'" says Sgt.
Brown. "We need to be real, real careful."

Automakers see the writing on the wall and are already
incorporating notice of EDRs into owner's manuals. But even if
you happen to read the disclaimer, there's little you can do to
prevent the device from recording data short of shorting out your
car's airbags and other safety systems.

> > So much for the enemy you can't see-what about the one you
can? OnStar gets enough emergency calls to keep a library of
rescue "true story" advertising running on television and radio,
some 11,000 blue button pushes per month and another 700
automatic notifications due to airbag deployments. While we might
appreciate a call from an OnStar advisor if we're upside down in
a watery ditch, we might not always want someone looking over our
driving shoulder. But forget about the urban legends-what can all
this stuff really do?

Eavesdropping, for one. In California, a federal court slapped
the hands of investi­gators who tapped into illicit in-vehicle
conversations via the car's built-in communi­cations system (not
OnStar), but the ruling did not focus on privacy issues. Rather,
the court held that using the system to eavesdrop on vehicle
occupants interfered with the system's contractual obligation to
provide emergency services and communications to the vehicle
owner.

Though service providers like OnStar and Texas-based ATX (used in
many Mercedes, BMW and Rolls-Royce vehicles) contend that
surreptitious eavesdropping isn't possible without setting off a
series of telltale warnings (phone ring tones, visible and
audible alerts), privacy advocates warn that it won't be long
before the long arm of the law finds a way around those alerts.

Then there's global positioning satellite data to consider.
OnStar says it won't track a customer vehicle unless the vehicle
is legitimately reported stolen to police-and then OnStar deals
directly with police, rather than the subscriber, to locate the
stolen vehicle. Furthermore, once a customer declines service and
quits paying, the electronics in the vehicle are deactivated and
OnStar cannot initiate a new connection.

OnStar-as the industry's largest provider of onboard safety and
security systems with 2.7 million subscribers and systems built
into the vast majority of General Motors models sold in recent
years (as well as Audi, Volkswagen, Acura, Subaru, Isuzu and
Lexus vehicles)-promises to be a strong gatekeeper when it comes
to privacy.

"Law enforcement has learned that a system like ours or OnStar's
isn't a good tracking or eavesdropping tool.  They know they can
do it faster and easier themselves."
- Gary Wallace, ATX vice president of corporate relations

 "Privacy is a huge concern to this company-we're always going to
err on the side of the angels, and we're going to protect the
privacy of our customers," says spokesman Terry Sullivan. That
privacy doesn't extend to sharing OnStar data within the giant
corporation, however, where the marketing side may find your
OnStar data helpful to the next sales campaign.

Others have similar privacy policies and systems in place. ATX
policy specifically calls for challenging court orders seeking to
track ATX-equipped vehicles.

"Law enforcement has learned that a system like ours or OnStar's
isn't a good tracking or eavesdropping tool," says Gary Wallace,
ATX vice president of corporate relations. "They know they can do
it faster and easier themselves."

LoJack, the industry leader in stolen vehicle tracking with
operations in 25 countries worldwide, has some of the same public
relations problems as OnStar: Paranoid people think the company's
tracking equipment can keep tabs on a subscriber's whereabouts at
all times. Not true, says Pat Clancy, LoJack vice president of
law enforcement.

 "The only way a LoJack unit can be activated is through stolen
vehicle reports," says Clancy. A customer might try to track down
a cheating spouse by filing a false stolen car report, but only
the police will ultimately know the vehicle's location. Police
also find that activating a LoJack unit to serve as a tracking
beacon for surreptitious surveillance often has the opposite
effect: The beacon attracts marked patrol cars with LoJack
tracking equipment from every jurisdiction it enters, ending any
hope of surveillance.

Rental car companies also have come under fire for using GPS data
to track driving habits, and once again California is on the
forefront of rulemaking. In August Gov. Arnold Schwarzenegger
signed a law prohibiting rental car companies from using GPS data
to enforce speed and in-state driving restrictions. Similarly,
faced with consumer complaints and a state government order, Acme
Rent-A-Car in Connecticut has abandoned a strategy of charging
extra fees based on black-box data showing that customers had
exceeded the speed limit.

Want something else to worry about? If you're in urban areas in
Australia, Michigan or Southern California, look up. What you'll
see at many intersections in Sydney, suburban Detroit and
metropolitan Los Angeles are small, weatherproof cameras
monitoring your every move as part of the Intelligent
Transportation System. ITS is still in its infancy, primarily
serving as a more efficient method for timing traffic signals,
but some day has the potential to direct traffic flows away from
traffic jams and accidents. For now, ITS cameras merely pick up
the presence of vehicles from a bird's-eye view and translate
that video into data that ITS computers use to shorten red light
waits or to skip left-turn arrow phases.

While that all sounds helpful and innocuous enough (who among us
wouldn't support fewer traffic jams?), the alarms should go off
when someone suggests tracking each GPS-equipped car as a way of
keeping an electronic eye on traffic flows and patterns. Brent
Bair, chairman of the Intelligent Transportation Society of
America, says ITS won't let that happen because traffic managers
don't need specific information from each motorist and oppose
efforts by law enforcement to tap into ITSdata. ITS cameras can't
see into cars, and can't view license plates like the
revenue-generating stoplight cameras now in use in cities like
London and Washington, D.C., Bair assures.

"We will make sure the privacy issue is not an issue," says Bair.
"We don't have to know where people live and we don't need to
know where they're going."

Still, NMA president James Baxter frets that ITS cameras could in
the future record vehicle usage, helping cops write tickets even
when they aren't able to physically run radar. Or, by taking
command of speed controllers built into today's cars, ITS could
just as easily take control of your car's actual operation, he
says.

"In a free society with free people, you should only have to give
out information to those you want it to go to.  It should not be
collected and collated by people you don't know.  It's none of
their damn business."
- Don Harkins, editor of The Idaho Observer

"With control, someone usually loses freedom," says Baxter. "I am
sympathetic to environmental concerns, traffic accidents, and the
host of other reasons given for ITS, but I worry about potential
abuses of my freedom."

Then there's this really scary idea: Oregon is working on a
toll-road system that downloads GPS data and odometer readings at
the gas pump to collect fuel taxes on each gallon based on the
amount a motorist drives. Similar systems are in place for
truckers in some European countries, but Oregon's system proposes
that all motorists come under the user-pay tracking system. Some
15 other states are looking into the concept.

While the data theoretically would be collected strictly for
figuring equitable road taxes, even the task force working on the
idea recommends that "legal safeguards be built into any
GPS-based mileage fee to prevent anyone other than the vehicle
owner/operator from knowing the vehicle's movements without the
consent of the vehicle owner/operator." We'd like to think that
goes without saying, but the ACLU notes that under the post-9/11
USA Patriot Act, among the information the FBI can demand-without
judicial oversight-are records of an individual's travel
patterns.

Here's the real kicker: Because the travel data would be managed
by private vendors, presumably to save money and government red
tape, any legal privacy protections governing that data go right
out the window. Forget the feds-everybody from your insurance
company to your car dealership to the manager at Waffle House up
the road could be looking at your travel patterns.

"In a free society with free people, you should only have to give
out information to those you want it to go to," says Don Harkins,
editor of The Idaho Observer, a conservative newspaper in Spirit
Lake, Idaho.  "It should not be collected and collated by people
you don't know. It's none of their damn business."

So what if you really do want to keep track of an errant teen, a
malingering worker or a suspect spouse? Besides private
investigators in the yellow pages, plenty of tracking-specific
companies are ready to jump into the fray. Networkcar promises to
keep track of your teen driver via GPS for $995 for the first
year, and Guidepoint Systems will outfit a car with equipment
that allows GPS tracking, early theft warning and roadside
service. Guidepoint says they've done business with those who
want to keep an eye in the sky on Junior or follow a spouse's
path to a paramour's place.

"We don't endorse that, but we have some customers who have
bought our system for that purpose," says Brian Edwards,
Guidepoint vice president of corporate development. "Frankly, if
the relationship gets to that point, they need counseling, not
GPS tracking."

Like black boxes, very little law is on the books governing who
owns the information and who can get it. "We're very aware that's
a law waiting to be written," says Edwards.

In a proactive, yet ominous twist, insurer Progressive is forging
ahead with a plan to give customers a discount on car insurance
premiums by taking advantage of the brave new world of black
boxes. Progressive's TripSense pilot program in Minnesota (but
likely headed for a nationwide rollout a year from now) allows
Progressive customers to install monitors on their cars that
record speed, miles traveled, and time of day that the driving
occurred. Those who drive less, at lower speeds, and at safer
times of day, can save up to 15 percent on their car insurance
premiums (a GPS component to record whether the customer drove
into higher-risk areas was eliminated after customers
complained).

Some already see uses like Progressive's as the first step down a
slippery slope to constant monitoring of the driving public. Jim
Haas, Progressive's Minnesota product manager, admits some
insurers may decide to tie insurability and risk to use of the
box.

"We can't control what other companies do, but I don't think we'
re ever going to get to a point where we're saying we won't
insure you unless you have this device," says Haas.

We'll see. Then again, depending on where the black box is
stashed, maybe we won't.

All Content © 2004 Crain Communications, Inc.
-----------------------------------------------------------------
---------------


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/