Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Transportation Your Rights Online

Massachusetts Votes on Expanding Access To Car Data, 'Could Set the National Standard' (wired.com) 34

On Tuesday Massachusetts will vote on expanding the state's right-to-repair law to include more access to car data, in an initiated state statute known as "Question 1."

Wired reports: The measure is meant to address how data sharing will work as cars start to suck in and share more wireless data. The Coalition for Safe and Secure Data, backed by giant automakers, is urging state residents to vote No, arguing that easier access to this data poses security risks.

At the core of the issue is the not-insignificant question of what expanded access to wireless car data might look like and how secure that is. It's not just a question of who can repair a car and access the data, but who owns the data in the first place. The answer could ripple across the industry for years to come, which is why both sides of Question 1 have poured millions of dollars into the fight. And because the U.S. has been slower to address these issues in federal legislation, Question 1 could have impact beyond Massachusetts state lines. Ultimately, the measure "could set the national standard for cars," according to Kyle Wiens, the founder of California-based iFixit and a vocal right-to-repair advocate...

If a majority of Massachusetts residents vote Yes on Question 1 this fall, carmakers would have to install standardized, open data-sharing platforms on any cars with telematics systems starting with model year 2022. "Owners of motor vehicles with telematics systems would get access to mechanical data through a mobile device application," the ballot summary reads...

Early polling suggests the state of Massachusetts will vote overwhelmingly in favor Question 1...

"Hopefully this means we have an open-standard development process," Wiens tells Wired, "with all cars in the U.S. using the same standard, and a new world of innovation around mobile apps."
This discussion has been archived. No new comments can be posted.

Massachusetts Votes on Expanding Access To Car Data, 'Could Set the National Standard'

Comments Filter:
  • At the core of the issue is the not-insignificant question of what expanded access to wireless car data might look like and how secure that is.

    Someone correct me, but isn't the data stream coming from the vehicle to whomever a one-way channel? It's only sending, not receiving, data? Assuming it is a one-way channel, how difficult would it be to make it bi-directional?

    • My car receives OTA software updates, so it must be bidirectional.

      • by sabri ( 584428 )

        My car receives OTA software updates, so it must be bidirectional.

        Bullshit.

        There are lots of examples of one way traffic. Satellite TV, for example. IP multicast, is another. You don't need bidirectional traffic for OTA software updates. It makes it a lot easier and more efficient, but it's not required.

        • by ShanghaiBill ( 739463 ) on Sunday November 01, 2020 @06:46PM (#60673200)

          Bullshit.

          Perhaps you should switch to decaf.

          There are lots of examples of one way traffic.

          Indeed there are.

          But we already know that these systems send diagnostic data upstream.

          They can also receive updates coming downstream.

          Ergo, the channel is bi-directional.

          • by sabri ( 584428 )

            these systems send diagnostic data upstream.

            Yeah, but that's not the original statement. Look up, and you see "they can receive updates, thus must be bi-directional". I'm merely pointing out that such a conclusion is unfounded.

    • They use LTE not satellite.

      • Okay, fine. But isn't it still one way? By that I mean the system is set up to only send its data via LTE, not get anything back?

        I'm not trying to be obtuse, I'm just trying to understand why the issue of security would come up if data is only being sent, not received. If someone could plug a standard connector into a port to download their car's data, and the channel is only one way, there shouldn't be a security issue. The system should be designed to only give, not receive.

        Or am I missing something ob

        • by Nkwe ( 604125 )

          I'm just trying to understand why the issue of security would come up if data is only being sent, not received.

          Because the data being sent contains a precise record of everywhere the the vehicle was and how it was driven. It contains the places you stopped to purchase drugs, alcohol, or sex. It contains the places you stopped to attend church, a support group, a political gathering, or to receive specialized medical care. It contains information on exactly how fast you were driving, for how long, and can be used to identify a variety of traffic violations you have committed. It contains data about what radio station

          • I would hope that granting access to the data stream generated by the vehicle would require some sort of positive authorization by the owner of the vehicle.

            I would hope so too, but I don't think that's currently the case. Because AFAIK during the purchasing of a new vehicle there's nothing in the paperwork that gives the customer a choice of allowing or denying data access for the car company, the dealership, and who knows who else. And there's certainly no "off" switch that the buyer can throw to stop the car from ratting him or her out.

            This is yet another case of 'you paid for it but you don't really own it'. Renting is the new 'owning' - get used to it.

        • by NFN_NLN ( 633283 )

          > Okay, fine. But isn't it still one way?

          If you want to be pedantic, I doubt LTE is true one-way. They probably have packet ACKs being sent back etc.
          Global Positioning and Satellite Radio truly are one-way though. The sender doesn't care if you received the signal or if it was corrupt, etc. It just continually broadcasts and the receiver is responsible for processing whatever they get - no ACKs, no confirmations, no 2-way authentication.

        • >But isn't it still one way?

          Nope. I can run a web browser on the screen of my car.
          I can request or retard updates by selecting options on the screen.
          The vendor will message me if there's a problem detected needing a trip to the service center.

          Data is going both ways. Since it's IP-over-LTE, it couldn't be any other way.

          If I read it right, the bill would let me see the reporting data too. That should be a thing.

  • Some clarification needed.
    1) What if the same car will drive over to Canada.
    2) What if a car from Canada will drive over border to US.
    3) What if a car was made in Germany - will the same standards apply?
    4) Or in China or Russia?
    5) Are U.S. lawmakers okay approving the same government access for US cars driving in said China or Russa?

    • 1) What if the same car will drive over to Canada.
      2) What if a car from Canada will drive over border to US.

      Pay for the full NA extended warranty or you may face data roaming fees as high as ".002 dollars per KB."

    • by pz ( 113803 )

      "with all new cars sold in the US"

    • by Bert64 ( 520050 )

      I would imagine it would only apply to cars *SOLD* in the US.
      It would not apply to foreign purchased cars temporarily being driven in the US (eg canadians taking a vacation), and probably wouldn't apple to unofficial imports of foreign sold cars.

      For german cars, you may find that only the US model includes this feature and cars sold elsewhere don't, or the manufacturer may find it's easier to just produce one standard model. This is already common, for instance some countries have more stringent safety or

  • by RightwingNutjob ( 1302813 ) on Sunday November 01, 2020 @04:50PM (#60672926)
    "It'll let anyone track your movements" as if it doesn't already
    "It reduces security and safety" like that data stream is secure by virtue of being obscure
    "No one needs that data to fix your car" sure...let's poke around some electronics without knowing what they're doing

    And more of the same.
  • this whole idea of "connected cars" feels creepy to me what point does it serve other than giving more data to be mined by advertisers? what prevents these cars from being hacked, or forcefully deactivated after they get so old? (theirs a large segment of the population that cant afford more than the $1000 "Road Beater" more I read this the more I think "you can have my air cooled V.W. Bug when you pry it from my cold dead hands"
    • Just keep that air cooled VW in the slow lane and let people pass.

      Replacing the antenna with a dummy load is not exactly hard.

    • Because we do not have adequate privacy laws. This stuff should all be opt-in.

      What we really need is a Constitutional Amendment that clarifies privacy rights in the digital age.

      • What we really need is a Constitutional Amendment that clarifies privacy rights in the digital age.

        Sure - because the Constitution is still taken seriously and the rights and protections it grants are consistently and vigorously protected and enforced. Where have you been the past few decades, and especially the past few years?

        • Given your comment and your sig, I can only assume that you are Marvin the Paranoid Android. The world's not perfect, but that's no reason to toss your hands up and declare attempts to improve the world to be pointless exercises.

    • by tflf ( 4410717 )

      this whole idea of "connected cars" feels creepy to me what point does it serve other than giving more data to be mined by advertisers?

      I have serious concerns about how data from connected cars may be abused and exploited (sold to thirds parties, handed over to law enforcement without a warrant, etc,) but there is an abundance valid and worthwhile reasons for having connected cars.

      Defect tracking: I would expect the data is constantly filtered for annommolies. Data from most, if not every, unit sold of a particular model would speed up defect tracking, reporting, and in theory, solutions. Example: If one catches fire while being driven in

  • > would get access to mechanical data through a mobile device application inb4 proprietary mobile app There will most likely be a requirement for a cloud service as well, as it would be too easy and secure to store everything on-device, so the mobile app will most likely be just a cloud client to access data uploaded by the telematics unit to it.
  • Don't like it? Vote with your Dollars.
  • by Shirley Marquez ( 1753714 ) on Monday November 02, 2020 @09:48AM (#60675230) Homepage

    Massachusetts has a right to repair law that guarantees access to essential repair data through the wired diagnostic port. That law has acted as the model for similar laws in other states. Carmakers are trying to circumvent the intent of the law by shifting toward using wireless data connections instead, which were not foreseen by the law and not covered, allowing them to reestablish a monopoly on repair of upcoming cars.

    Question 1 will ensure that independent repair shops have access to the data they need to continue to repair cars. It does NOT require that independent shops get access to location data, nor to telematics commands that allow the car to be remotely operated. The massive advertising campaign against Question 1 is being funded by car companies; it is a hugely misleading lie that is trying to discredit the proposed law by raising privacy concerns about data that the companies will not be required to disclose.

    Readers in Massachusetts: if you have not already voted and plan to vote on election day, vote Yes on Question 1. It's the right thing to do.

    • by kisrael ( 134664 )

      I believe Shirley has it right. Vendor lockdown wearing Sheep's Clothing of individual privacy concerns, with hypothetical future data dumps providing info for domestic abusers or something like that.

    • Readers in Massachusetts: if you have not already voted and plan to vote on election day, vote Yes on Question 1. It's the right thing to do.

      And while you're at it, vote Yes on Question 2, which implements a ranked choice voting system for all elections other than the President. It's supported by everyone except Republicans, who have successfully gamed the two-party system.

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Working...