LOS ANGELES – The rush toward driverless cars by Golden State lawmakers needs to be tempered by the growing risks the technology poses to auto makers, a leading manufacturer group says.
Hours after Gov. Jerry Brown signs a bill authorizing state regulations for autonomous vehicles by 2015, the Alliance of Automobile Manufacturers, whose members account for 77% of all car and light-truck sales in the U.S., warns of the need to go slow.
“If the state’s intention is to promote autonomous vehicles, all the concerns – like liability – need to be properly addressed in advance or we can expect a bumpy road ahead,” the group says in a statement.
The new law marks the culmination of what at least some observers describe as a fast-tracked deliberation process fueled by a turbocharged lobbying effort by Google, which is testing a fleet of a dozen or so computer-controlled vehicles. The Internet data company says its self-driven fleet has logged more than 300,000 miles (483,000 km) without an accident.
Even though the manufacturing alliance says it “strongly” endorses advanced technology, including autonomous technology, “policy issues must be resolved before autonomous vehicles may legally operate in California.”
The new legislation offers no protection to the maker of a vehicle that has been converted to an autonomous unit without the consent or even knowledge of the manufacturer, the trade organization argues.
Vehicles currently are designed to be operated by people who are expected to maintain control and operate them safely, but SB 1298, the newly signed bill, “envisions autonomous vehicles where responsibility for safe operation rests on the autonomous system,” the group says.
The alliance’s concerns are shared by interests throughout the automotive and high-tech fields.
A year ago, computer-security company McAfee released a report, “Caution: Malware Ahead,” outlining emerging risks in automotive-system security. The analysis examined vehicle electrical systems and embedded devices such as airbags, radios, power seats, antilock brakes, electronic stability controls, autonomous cruise controls and communication technology.
“Each interface serves as a motivator and means for an attacker to access the vehicle,” says one of the McAfee reports researchers, Stefan Goss, a professor of automotive technology at Germany’s Ostfalia University of Applied Sciences. “We can expect new challenges to protecting the changing interface of embedded systems in cars.
“I expect a new chapter of car security in the next two car generations.”
Stuart McClure, senior vice president and general manager at McAfee says, “It’s one thing to have your email or laptop compromised, but having your car hacked could translate to dire risks to your personal safety.”
The McAfee report and similar recent studies expand on the foundational research done by the since-disbanded Center for Automotive Embedded Systems Security, a collaborative project between the University of California-San Diego and University of Washington, which determined onboard vehicle computer systems will be increasingly vulnerable to malicious attacks as user-connective technology expands.
In their 2011 study, “Comprehensive Experimental Analyses of Automotive Attack Surfaces,” project researchers conclude remote exploitation of a vehicle “is feasible via a broad range of attack vectors (including mechanics’ tools, CD players, Bluetooth and cellular radio) and, further, that wireless communications channels allow long-distance vehicle control, location tracking, in-cabin audio exﬁltration and theft.”
Consumer privacy also is at risk through the new legislation, says John Simpson, privacy project supervisor for the nonprofit advocacy group Consumer Watchdog.
California’s new driverless-auto law “gives the user no control over what data will be gathered and how the information will be used,” Simpson tells WardsAuto. “That’s where we have a problem.”
Several recent consumer surveys, including the “2012 Online and Mobile Privacy Perceptions Report” issued by San Francisco-based TRUSTe privacy management solutions company, suggest consumer concerns over privacy issues are rising across all age ranges.
After interviewing 1,033 U.S. adults and 554 U.S. smartphone users at least 18 years old, TRUSTe discovered 94% of consumers consider privacy an important issue, with 58% expressly indicating they “do not like” online behavioral advertising.
The report found 42% of smartphone users identify privacy and security as top concerns, with an overwhelming majority, 85%, saying they won’t download mobile apps they don’t trust.
The TRUSTe research suggests 60% of those adults surveyed are more concerned about their online privacy today than a year ago, while 49% now check for independent privacy certification or seals, up from 41% in 2011.
All those numbers indicate “a clear sign that consumers are becoming more aware and diligent in looking after their privacy online,” the report says.
Perhaps equally significant, the TRUSTe report and other studies show decidedly more privacy-conscious attitudes among members of the so-called Y- or Millennial-Generation consumers, those generally born from the late 1970s to early 2000s, a group the auto industry is targeting with many of its latest innovations.
Further data collected by the Alliance of Automobile Manufacturers finds seven out of every 10 car buyers are interested in driver-assisting technologies such as adaptive cruise control, blindspot monitoring, lane-departure warning, drowsy-driver alerts and 360-degree cameras.
However, a similar majority favors “technologies that provide alerts over the autonomous car,” because there’s still great distrust of “totally self-driving” vehicles in the general marketplace, the association says.
Citing Google’s widely criticized track record of protecting user privacy, Simpson contends “consumers must have the right to give opt-in consent before any data gathered through driverless car technology is used for any purpose other than driving the vehicle.”
But, he laments, the new driverless law demonstrates safeguarding personal privacy is not “high on people’s priorities right now.”
If the collection of personal data in autonomous vehicles remains unchecked, “then a car trip will no longer just be about going from Point A to Point B. Now it’ll be all about how you go and where you stop along the way,” Simpson says.
“I’m not a Luddite. I see this technology coming, and I see it playing a very useful role,” Simpson says. “All I’m saying is we should be setting these privacy issues from the get-go. Ensure privacy by design.”