Data Privacy, Security and Protection: Learning from Today's Toll Highways
•Download as PPTX, PDF•
0 likes•313 views
Presentation for the Transportation Research Board 2016 Annual Meeting.
Recommended
Recommended
More Related Content
Similar to Data Privacy, Security and Protection: Learning from Today's Toll Highways
Similar to Data Privacy, Security and Protection: Learning from Today's Toll Highways (20)
Recently uploaded
Recently uploaded (20)
Data Privacy, Security and Protection: Learning from Today's Toll Highways
- 1. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● North Texas Tollway Authority Data Privacy, Security and Protection: Learning From Today’s Toll Highways Thomas J. Bamonte (@TomBamonte) Assistant Executive Director, Strategy & Innovation Presented to Transportation Research Board 95th Annual Meeting Data Privacy, Security and Protection Policy Joint Subcommittee January 12, 2016
- 2. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● Toll highways and data generation Privacy/security concerns and responses Implications for automated vehicles Policy issues/research items 2 Agenda
- 3. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● Overview of Highway Tolling 3 Toll facilities in 35 states 2,900 miles of tolled interstates 6,000 total road miles 5.7 billion annual trips Tolls = approx. 30% of federal gas tax revenue 37 million RFID transponders in use
- 4. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 4 Mechanics of Electronic Tolling
- 5. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 5 Pay-by-Plate Customers
- 6. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 6 Trip Data Collection
- 7. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 7 Registered Owner Information Personal information Home address Home phone Email address License plate Credit card information Vehicle type/color/VIN Sources Customer accounts DMV data Collection efforts
- 8. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 8 Roadway Camera Coverage
- 9. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 9 Toll Violation Enforcement: ALPR
- 10. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 10 HOT Lane Enforcement
- 11. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 11 “Black Box” Event Data Recorders Capture crash-related data Pre-crash vehicle dynamics and system status Driver inputs Vehicle crash signature Restraint usage/deployment status Post-crash data such as the activation of an automatic collision notification system Installed in most vehicles—NTHSA mandate forward
- 12. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 12 Emerging Tolling Methods
- 13. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 13 Current Protections of Tollway User Privacy Transponder customer agreements Customer account and trip data shielded from general disclosure; use allowed – When conducting tolling business In response to court order (e.g., warrant) When aggregated/anonymized (e.g., traffic studies) High data protection standards in place (e.g., PCI compliance)
- 14. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 14 State Law Protections Customer account information & trip data = FOIA exception Mandated privacy policies & data security requirements Laws governing ownership & use of event data recorders General data security & breach notice requirements ALPR regulation
- 15. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 15 Federal Law Protections Drivers Privacy Protection Act Various consumer law protections Federal legislation introduced to protect locational privacy— including vehicles Jones & Riley decisions
- 16. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 16 Established Principles Customer account and trip data shielded from general disclosure; use allowed: When conducting tolling business In response to court order (e.g., warrant) When aggregated/made anonymous (e.g., studies) With high data protection standards (e.g., PCI compliance) By tolling authority with vehicle owner’s consent By third parties with vehicle owner’s consent
- 17. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 17 Looking Ahead… Old Days: Muscle Engine
- 18. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 18 Sophisticated Computing/Sensor Capabilities These Days: Muscle Memory World’s First Al Supercomputer for Self-Driving Cars NVIDIA DRIVE PX 2 12 CPU cores | Pascal GPU | 8 TFLOPS | 24 DL TOPS | 16nm FF | 250W | Liquid Cooled
- 19. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 19 Sophisticated Computing/Sensor Capabilities Tomorrow: High Sensory Capabilities
- 20. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 20 Vehicle as Highway Data Generator
- 21. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 21 OBD-II Telematics/Vehicle Behavior Monitoring Drivewise by AllstateVinli
- 22. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 22 Driver Fitness Monitoring/Vehicle Customization
- 23. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 23 Vehicle-to-Cloud Connections
- 24. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● Vehicles as Mobile Commerce Platforms Every vehicle becomes a shopping tool Vehicle adjusts to stored preferences of the occupants Data sharing between vehicle and merchants Targeted advertising Targeted discounts Convenience reminders— e.g., time for oil change
- 25. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 25 Vehicle-to-Vehicle Connections
- 26. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 26 Vehicle Fleets/Vehicle Ownership • Private vehicle ownership supplanted by vehicle fleets • Auto travel takes on transit/airline characteristics o Passenger not driver o No vehicle ownership o Customer data generated and held by provider
- 27. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 27 Automated Vehicle Implications • Every vehicle akin to a toll highway customer vehicle • Vehicles are mobile commerce platforms • Vehicles harvest/share data about occupants and travel patterns • Vehicle ownership supplanted by multi-modal fleets o Travelers become passengers o Vehicle gather/share massive amounts of data
- 28. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 28 Automated Vehicle Security/Privacy Challenges • Vehicle hacking threat o Legislative response: SPY Car Act • Data security breaches o Mobile commerce o V2V o V2I o Highway agencies o Fleet operators o App integrators
- 29. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 29 Challenges: Unrelenting Gaze and Automated Vehicles Extensions into law enforcement “Taking over” vehicle for safety/traffic management Sponsored ads in visual stream on dashboard Sale of customer data V2X data sharing Will surveillance state/economy prompt a consumer backlash?
- 30. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 30 Research/Policy Issues Who owns/controls data generated by vehicle? Can individual control of vehicles be overridden to maximize safety/efficiency/crime prevention? Do common carrier rules apply in the case of driverless cars/fleets? What privacy rules apply in fleet services? Will commercialization of vehicles obviate need for transportation-specific regulation of privacy/security? Can driver monitoring be mandated for non-robot drivers?
- 31. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● Our Mission North Texas Tollway Authority Provide a safe and reliable toll road system Increase value and mobility options for customers Operate the Authority in a businesslike manner Protect our bondholders Partner to meet our region’s growing need for transportation infrastructure
- 32. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 32 Vehicle-to-Merchant Data Mining/Use Google Car as platform for searches Vehicle displays targeted advertising from nearby merchants • iBeacon for automobiles Consumer data privacy issues similar to other devices/platforms
- 33. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 33 Highway User Information Collected Customer Account • Home address • Personal financial information • (Non)payment information Vehicle ID – license plate and VIN Vehicle Occupant Data Travel Pattern Data •Time, place, direction, vehicle •Speed derived •Years of data Vehicle Operation & Event Data
- 34. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 34 Lessons Highway authorities are increasingly high-volume consumer businesses with concrete Connected vehicle raises multiple privacy concerns not addressed by existing toll authority-customer framework Managing the technologies that put vehicle travel under an unrelenting gaze pose pressing challenges in near future
- 35. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 35 Growing Transponder Account Customers
- 36. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 36 Challenges: Unrelenting Gaze ALPR deployed widely but not regulated GPS data uploaded from smartphones 24/7 video surveillance Peering inside cars with infrared M2M data sharing Will surveillance state/economy prompt a consumer backlash?
- 37. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 37 What Lies Ahead: Connected Vehicles Connected vehicle applications provide connectivity: Among vehicles to enable crash prevention Between vehicles and the infrastructure to enable safety, mobility and environmental benefits Among vehicles, infrastructure, and wireless devices to provide continuous real-time connectivity to all system users
- 38. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 38 Vehicle-to-Infrastructure Data Mining Highway authorities may have interest in harvesting data o Safety: Identify vehicles behaving erratically o Payment: Identify vehicles for toll payment o Enforcement: Identify stolen vehicles or vehicle involved in commission of crime o Identify: Hazardous situations (e.g., swerving around object) and communicate downstream o Traffic management: Immediate notice of slowdowns and congested areas
- 39. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 39 Overview
- 40. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 40 U.S. Toll Highway Network
- 41. ● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ● 41 Conclusions Transportation lawyers will have to become privacy law experts Highway authorities becoming more like utilities w/ associated consumer business issues Toll highway authorities have head start on managing customer relationships & protecting trip data Highway travel subject to intensive surveillance Patchwork of state laws may be reflective of limited public concerns about privacy to date That may change. . . .
Editor's Notes
- 2
- 3
- Pay-by-plate is currently a more cumbersome billing collection process, complicated by poor name/address information at many DMVs and the lack of a national standard format for license plates. Tolling authorities work from license plates and with DMVs to get the home addresses of vehicle owners and send them bills. Toll authorities are using technology improvements to turn pay-by-plate users into good-paying customers with similar kinds of accounts.
- In addition to customer account information, toll authorities collect vast amounts of trip data from the vehicles passing by tolling points. NTTA has almost 700 million transactions annually and it is only the 10th largest tolling authority in the country. This is a massive data trove showing how, where and when folks in North Texas get around down to the last second.
- But there’s more going on out there on the roadways. Now that toll booths have been removed, toll violation enforcement has taken on new importance. One important tool that NTTA is deploying through our law enforcement partner is automated license plate readers. Fixed and mobile ALPR units read the license plates of every passing vehicle. This information is cross-checked against toll violator databases and violators can be intercepted. Note that law enforcement agencies—especially at the local level—are making heavy use of ALPR technology for other law enforcement purposes. Combine tolling databases with ALPR databases and you get a massive regional database of trip data.
- The next step may be peering inside the vehicle at the occupants. Highway authorities—but not NTTA I might add—are testing new infrared technology to help enforce HOV and HOT lane vehicle occupancy requirements. Getting a heat signature from a human as opposed to a dummy can result in detailed portraits of the vehicle occupants.
- Let’s not forget that the vehicles themselves are generating mountains of data, captured by black box event data recorders and other onboard devices. Vehicles now are rolling out with 100 million or more lines of software code.
- New tolling methods are emerging from private companies using the smartphone GPS and camera functions. These methods will complement and may someday replace traditional tolling. What this means is that private companies, in collaboration with public tolling entities, will be collecting the same kind of detailed locational data by customer vehicle.
- The challenge is the unrelenting gaze on highway use. Keys to manage = (1) Give opt-in wherever possible; (2) Be wary of sharing individualized data with third parties, even other public entities;
- The connected vehicle also has the potential for roadside business to tap into data flows and send targeted ads to the occupants of vehicles in the vicinity. Will consumers view these ads as digital intrusions or accept them as the price of, for example, leasing their vehicle at a lower rate? This might be a situation where customer opt-in is important. Highway authorities won’t want to breach customer privacy in this way w/out consent.
- Through all these current technologies we gather mountains of information about motorists, their vehicles, and their travel. We have customer account information, like a Target or Macy’s. We know what vehicles are on our system and when and we are even able to discern who may be in vehicles. The vehicles themselves are gathering data about their own behavior.
- XTRA Slide.
- Nationwide, there are about 50 million vehicles equipped w/transponders already. Each of them are linked to a customer payment account with address and payment information. Payment comes automatically at the time of travel. These are big consumer businesses.
- The challenge is the unrelenting gaze on highway use. Keys to manage = (1) Give opt-in wherever possible; (2) Be wary of sharing individualized data with third parties, even other public entities; and (3) whenever highway user privacy is at stake, make sure there is sufficient transportation benefits to make the legal/political risk worth running. Black box laws may become model: (1) data belongs in first instance to vehicle owner; (2) common sense exceptions—e.g., court order; and (3) vehicle owner can opt out. When buy car make these kind of choices. Riley will be extended to limit law enforcement overreach when it comes to vehicle tracking and data mining.
- XTRA Slide
- Highway authorities and law enforcement may have interest in harvesting data from passing connected vehicles. The more we know about what is going on with the vehicles on our system—number, speed, occupancy and the like, the better with can adjust speed limits, pricing, deployment of service vehicles, etc. Can we as public agencies find the appropriate balance between effectiveness and intrusiveness? Opt-in to suite of services—knowing waiver of privacy rights.
- Thank moderator. This happy and dated vision of driverless vehicles unwittingly illustrates the truth that connected/automated vehicles and their occupants will operate under the gaze of multiple eyes—highway authorities, law enforcement and commercial enterprises. While I don’t think privacy issues will derail the rollout of such vehicles, I do think that as transportation lawyers we will have to become much more familiar with privacy issues as a standard part of our practice. I am here to share what I know from my experience as a lawyer for the toll road authority serving Dallas-Fort Worth area. I’m humbled by what I don’t know.
- As I’ve started learning, transportation lawyers are going to have to become privacy law experts. We have to recognize that transportation is evolving into a high-volume retail customer service business with all of the associated legal challenges that entails. While toll authorities have a good head start on these issues, neither our customer agreements nor state law address the intensive surveillance of our roadways. Of course, the limited patchwork of state law may indicate that the public isn’t too concerned about roadway privacy issues. If we and our clients fail in our job of finding the appropriate balance between utility and privacy, that may change.