feature article
Subscribe Now

Your Car: 25 GB/Hour of Personal Data

Otonomo Makes it Their Business to Track, Sell Your Whereabouts

What defines creepy? Is it a dark abandoned house with creaking floors and a history of mayhem? A doll with eyes that seem to follow you? A backwoods loner with a chainsaw? 

Or is it your car? Your car takes you to work, to your friends’ houses, to your favorite vacation spots, and back home again. It goes everywhere with you — or you with it. It’s your closest companion, along for every ride, every adventure, and every misadventure. So what would happen if this close companion blabbed to a stranger about absolutely everywhere you’ve been together? 

Too late: it already has. 

Unbeknownst to most of us, many new cars now stream gigabytes of real-time data up to the cloud, where it’s collected, collated, aggregated… and sold. Up to 25 GB/hour of automotive data gets collected and shipped off from new cars by BMW, Mitsubishi, Chevrolet, Mercedes-Benz, Nissan, Cadillac, Renault, Dodge, and others. More than 40 million new cars are already sharing their owner’s travel activities, with tens of millions more joining the club every year. 

What kind of data? It’s a long list, including GPS coordinates, vehicle type, speed, odometer reading, entertainment media choices, outside temperature, accelerator and brake pedal pressure, turn signal status, steering wheel position, oil level, fuel level, tire pressure, seat belt status, lateral g forces, and much more. In all, 50–80 separate items are measured, recorded, and sent to someone else. 

Surprised? Creeped out? Or unconcerned? 

Let’s look at an example. Without spending a dime, you can obtain thousands of data points recorded from cars operating in your choice of region (city, state, or country). The data is anonymized, in the sense that it doesn’t include drivers’ names, but that hardly makes it anonymous. As this Motherboard article points out, location data alone is enough to pinpoint someone’s home (i.e., where is the car parked every night?) and their workplace (where is it parked during business hours?), as well as their friends, favorite restaurants, doctor visits, recent movies, and much more. Given all of that, filling in the owner’s name is trivial. 

Some automakers collect this data themselves, but most of the big names farm out their data collection to an independent Israeli company called Otonomo. The company says it has OEM agreements with 16 large automakers (including those named above), amounting to more than 40 million cars globally. The amount of data collected varies by car, ranging from 50+ parameters for cars made by Stellantis (that is, Dodge, Chrysler, Jeep, Ram, Fiat, Peugeot, Alfa Romeo, Maserati, and others), to over 80 data points for Mercedes-Benz vehicles. In all, the company says it collects a whopping 4.3 billion data points per day

Why would Otonomo collect all this data? To sell it, obviously. Customers include insurance companies, advertisers, automakers, law enforcement, municipalities, financial institutions, and even the military. Said customers pay Otonomo $15–$25 per car per year, or $30–$100 per million data points per year, according to this corporate investor presentation

The company’s mission statement proclaims, “We harness the immense potential of automotive data by allowing thousands of organizations across a broad range of end markets to seamlessly access, explore, analyze, and unlock the full data potential” and to “provide new monetization avenues for OEMs…” 

“Thousands of organizations?” Yikes. Otonomo estimates the revenue potential from “car data monetization” will reach at least $450 billion, and maybe $750 billion, by 2030. 

Until recently, Otonomo even offered a free trial to anyone with an email address. (Now the company says it requires a phone call and “additional vetting.”) As one reporter figured out, it was easy to sign up for multiple free trials and aggregate the data to provide an even clearer picture of the unsuspecting participants in his experiment. 

Otonomo says that its data is all scrubbed and anonymized, and that users (meaning drivers) must consent to the data sharing beforehand. But such “consent” often amounts to a click-through agreement on the car’s GPS screen. No consent, no navigation or radio. Sometimes having a cell phone in the car amounts to consent (check your carrier’s service agreement). 

There are admittedly some fairly benign uses for such data; ones that might actually benefit drivers instead of monetizing them. A low oil reading, for example, might trigger an email warning. Oh wait… cars already have dashboard “idiot lights” for that. Same goes for high coolant temperatures, low fuel level, low tire pressure, high engine RPM, excess speed, and other potentially damaging conditions. In short, drivers over the last hundred years have had all the information they need to drive and maintain their own cars. 

Otonomo’s terms of service includes a stern finger-wagging admonishing their clients not to ”…derive, or attempt to derive, either directly or indirectly, the identity of an individual…”. Yeah, that ought to keep the stalkers away. The company’s website also includes an opt-out link for consumers, but ironically enough, it requires you to create an account and identify your vehicle. All of which assumes that car owners even know to look for the Otonomo website. 

Drivers and car owners don’t usually, if ever, sign an agreement directly with Otonomo. Any consent is typically buried in amongst the paperwork with the car dealer, automaker, rental company, or leasing agent. They, in turn, might have an agreement with Otonomo, which is motivated to sell the data to anyone they like. Nobody in that chain has an incentive to clarify the situation, while Otonomo has every incentive to offer the data to “thousands of organizations.” 

We’ve already seen how cameras can legally record every car’s whereabouts and derive sensitive personal information from that. Now we can skip the camera; the car itself will rat you out if you’re dodging work. The world’s privacy ends not with a bang but a whimper.

2 thoughts on “Your Car: 25 GB/Hour of Personal Data”

Leave a Reply

featured blogs
Mar 1, 2024
A menu provides access to frequently used commands or features of an application or program. You can access menu items from the menu bar, typically located at the top of the application window, or a shortcut menu from the right mouse click. There are multiple ways to create c...
Mar 1, 2024
Explore standards development and functional safety requirements with Jyotika Athavale, IEEE senior member and Senior Director of Silicon Lifecycle Management.The post Q&A With Jyotika Athavale, IEEE Champion, on Advancing Standards Development Worldwide appeared first ...
Feb 28, 2024
Would it be better to ride the railways on people-powered rail bikes, or travel to the edge of space in a luxury lounge hoisted by a gigantic balloon?...

featured video

Tackling Challenges in 3DHI Microelectronics for Aerospace, Government, and Defense

Sponsored by Synopsys

Aerospace, Government, and Defense industry experts discuss the complexities of 3DHI for technological, manufacturing, & economic intricacies, as well as security, reliability, and safety challenges & solutions. Explore DARPA’s NGMM plan for the 3DHI R&D ecosystem.

Learn more about Synopsys Aerospace and Government Solutions

featured paper

Reduce 3D IC design complexity with early package assembly verification

Sponsored by Siemens Digital Industries Software

Uncover the unique challenges, along with the latest Calibre verification solutions, for 3D IC design in this new technical paper. As 2.5D and 3D ICs redefine the possibilities of semiconductor design, discover how Siemens is leading the way in verifying complex multi-dimensional systems, while shifting verification left to do so earlier in the design process.

Click here to read more

featured chalk talk

Maximizing High Power Density and Efficiency in EV-Charging Applications
Sponsored by Mouser Electronics and Infineon
In this episode of Chalk Talk, Amelia Dalton and Daniel Dalpiaz from Infineon talk about trends in the greater electrical vehicle charging landscape, typical block diagram components, and tradeoffs between discrete devices versus power modules. They also discuss choices between IGBT’s and Silicon Carbide, the advantages of advanced packaging techniques in both power discrete and power module solutions, and how reliability is increasingly important due to demands for more charging cycles per day.
Dec 18, 2023
10,455 views