feature article
Subscribe Now

Your Car: 25 GB/Hour of Personal Data

Otonomo Makes it Their Business to Track, Sell Your Whereabouts

What defines creepy? Is it a dark abandoned house with creaking floors and a history of mayhem? A doll with eyes that seem to follow you? A backwoods loner with a chainsaw? 

Or is it your car? Your car takes you to work, to your friends’ houses, to your favorite vacation spots, and back home again. It goes everywhere with you — or you with it. It’s your closest companion, along for every ride, every adventure, and every misadventure. So what would happen if this close companion blabbed to a stranger about absolutely everywhere you’ve been together? 

Too late: it already has. 

Unbeknownst to most of us, many new cars now stream gigabytes of real-time data up to the cloud, where it’s collected, collated, aggregated… and sold. Up to 25 GB/hour of automotive data gets collected and shipped off from new cars by BMW, Mitsubishi, Chevrolet, Mercedes-Benz, Nissan, Cadillac, Renault, Dodge, and others. More than 40 million new cars are already sharing their owner’s travel activities, with tens of millions more joining the club every year. 

What kind of data? It’s a long list, including GPS coordinates, vehicle type, speed, odometer reading, entertainment media choices, outside temperature, accelerator and brake pedal pressure, turn signal status, steering wheel position, oil level, fuel level, tire pressure, seat belt status, lateral g forces, and much more. In all, 50–80 separate items are measured, recorded, and sent to someone else. 

Surprised? Creeped out? Or unconcerned? 

Let’s look at an example. Without spending a dime, you can obtain thousands of data points recorded from cars operating in your choice of region (city, state, or country). The data is anonymized, in the sense that it doesn’t include drivers’ names, but that hardly makes it anonymous. As this Motherboard article points out, location data alone is enough to pinpoint someone’s home (i.e., where is the car parked every night?) and their workplace (where is it parked during business hours?), as well as their friends, favorite restaurants, doctor visits, recent movies, and much more. Given all of that, filling in the owner’s name is trivial. 

Some automakers collect this data themselves, but most of the big names farm out their data collection to an independent Israeli company called Otonomo. The company says it has OEM agreements with 16 large automakers (including those named above), amounting to more than 40 million cars globally. The amount of data collected varies by car, ranging from 50+ parameters for cars made by Stellantis (that is, Dodge, Chrysler, Jeep, Ram, Fiat, Peugeot, Alfa Romeo, Maserati, and others), to over 80 data points for Mercedes-Benz vehicles. In all, the company says it collects a whopping 4.3 billion data points per day

Why would Otonomo collect all this data? To sell it, obviously. Customers include insurance companies, advertisers, automakers, law enforcement, municipalities, financial institutions, and even the military. Said customers pay Otonomo $15–$25 per car per year, or $30–$100 per million data points per year, according to this corporate investor presentation

The company’s mission statement proclaims, “We harness the immense potential of automotive data by allowing thousands of organizations across a broad range of end markets to seamlessly access, explore, analyze, and unlock the full data potential” and to “provide new monetization avenues for OEMs…” 

“Thousands of organizations?” Yikes. Otonomo estimates the revenue potential from “car data monetization” will reach at least $450 billion, and maybe $750 billion, by 2030. 

Until recently, Otonomo even offered a free trial to anyone with an email address. (Now the company says it requires a phone call and “additional vetting.”) As one reporter figured out, it was easy to sign up for multiple free trials and aggregate the data to provide an even clearer picture of the unsuspecting participants in his experiment. 

Otonomo says that its data is all scrubbed and anonymized, and that users (meaning drivers) must consent to the data sharing beforehand. But such “consent” often amounts to a click-through agreement on the car’s GPS screen. No consent, no navigation or radio. Sometimes having a cell phone in the car amounts to consent (check your carrier’s service agreement). 

There are admittedly some fairly benign uses for such data; ones that might actually benefit drivers instead of monetizing them. A low oil reading, for example, might trigger an email warning. Oh wait… cars already have dashboard “idiot lights” for that. Same goes for high coolant temperatures, low fuel level, low tire pressure, high engine RPM, excess speed, and other potentially damaging conditions. In short, drivers over the last hundred years have had all the information they need to drive and maintain their own cars. 

Otonomo’s terms of service includes a stern finger-wagging admonishing their clients not to ”…derive, or attempt to derive, either directly or indirectly, the identity of an individual…”. Yeah, that ought to keep the stalkers away. The company’s website also includes an opt-out link for consumers, but ironically enough, it requires you to create an account and identify your vehicle. All of which assumes that car owners even know to look for the Otonomo website. 

Drivers and car owners don’t usually, if ever, sign an agreement directly with Otonomo. Any consent is typically buried in amongst the paperwork with the car dealer, automaker, rental company, or leasing agent. They, in turn, might have an agreement with Otonomo, which is motivated to sell the data to anyone they like. Nobody in that chain has an incentive to clarify the situation, while Otonomo has every incentive to offer the data to “thousands of organizations.” 

We’ve already seen how cameras can legally record every car’s whereabouts and derive sensitive personal information from that. Now we can skip the camera; the car itself will rat you out if you’re dodging work. The world’s privacy ends not with a bang but a whimper.

2 thoughts on “Your Car: 25 GB/Hour of Personal Data”

Leave a Reply

featured blogs
Sep 21, 2023
Wireless communication in workplace wearables protects and boosts the occupational safety and productivity of industrial workers and front-line teams....
Sep 21, 2023
Labforge is a Waterloo, Ontario-based company that designs, builds, and manufactures smart cameras used in industrial automation and defense applications. By bringing artificial intelligence (AI) into their vision systems with Cadence , they can automate tasks that are diffic...
Sep 21, 2023
At Qualcomm AI Research, we are working on applications of generative modelling to embodied AI and robotics, in order to enable more capabilities in robotics....
Sep 21, 2023
Not knowing all the stuff I don't know didn't come easy. I've had to read a lot of books to get where I am....
Sep 21, 2023
See how we're accelerating the multi-die system chip design flow with partner Samsung Foundry, making it easier to meet PPA and time-to-market goals.The post Samsung Foundry and Synopsys Accelerate Multi-Die System Design appeared first on Chip Design....

featured video

TDK PowerHap Piezo Actuators for Ideal Haptic Feedback

Sponsored by TDK

The PowerHap product line features high acceleration and large forces in a very compact design, coupled with a short response time. TDK’s piezo actuators also offers good sensing functionality by using the inverse piezo effect. Typical applications for the include automotive displays, smartphones and tablet.

Click here for more information about PowerHap Piezo Actuators

featured paper

Intel's Chiplet Leadership Delivers Industry-Leading Capabilities at an Accelerated Pace

Sponsored by Intel

We're proud of our long history of rapid innovation in #FPGA development. With the help of Intel's Embedded Multi-Die Interconnect Bridge (EMIB), we’ve been able to advance our FPGAs at breakneck speed. In this blog, Intel’s Deepali Trehan charts the incredible history of our chiplet technology advancement from 2011 to today, and the many advantages of Intel's programmable logic devices, including the flexibility to combine a variety of IP from different process nodes and foundries, quicker time-to-market for new technologies and the ability to build higher-capacity semiconductors

To learn more about chiplet architecture in Intel FPGA devices visit: https://intel.ly/47JKL5h

featured chalk talk

Electrical Connectors for Hermetically Sealed Applications
Many hermetic chambers today require electrical pathways to provide internal equipment with power, data or signals, or to receive data and signals from equipment within the chamber. In this episode of Chalk Talk, Amelia Dalton and Brad Taras from Cinch Connectivity Solutions explore the role that seals and connectors play in the performance of hermetic chambers. They examine the methodologies to determine hermetic seal leaks, the benefits of epoxy hermetic seals, and how Cinch Connectivity’s epoxy-based seals and hermetic connectors can add value to your next design.
Aug 22, 2023
4,227 views