Self-Driving and Autonomous Cars - Why We Should Be Concerned

July 6, 2017 Avani Desai

Originally published on www.industryera.com

You’ll probably have heard about a recent high profile crash during the testing of the Tesla Model S autonomous car. During the crash, which occurred in July 2016, the car allegedly was unable to distinguish between a high-back white truck and the sky. As a result, it purportedly drove full speed under the carriage of the truck, killing the test driver. (It should also be noted that, at the time, the test driver was allegedly watching a movie on an in-car screen.)

A tragic situation like this serves as a case in point about the amount of trust we have already placed in self-driving cars. Yes, the development of these cars is exciting, and is a natural next step in car evolution—but what is the price we are paying for this autonomy?

Self-Driving Cars - What’s All the Fuss About?

Often called a self-driving car, an autonomous car works without human interaction to drive its passengers from A to B. You can get fully autonomous and partially autonomous cars—the fully autonomous being entirely self-driving. These cars use a toolbox of different sensor types and cameras to build up the necessary data to make driving decisions.

Self-driving cars are something that human beings have toyed with, even if just as a sci-fi type idea, since cars were invented, and so, the fact that functioning autonomous cars are emerging as viable options is not that surprising--in reality, cars have been evolving to include autonomous features for years. The benefits of such vehicles are well-documented, and now, after a series of increasingly complex ‘upgrades’, the fully autonomous car has added features such as parking alarms and anti-brake technology. The current market size for autonomous cars has been predicted to pick up pace over the next decade, with Boston Consulting expecting that 12 million autonomous cars will be sold per year by 2035.

Autonomous vehicles aren’t just a science fiction fantasy come to life. For example, self-driving trucks are expected to cut fuel consumption by 10% and will also provide additional safety benefits for everyone on the road. Statistics indicate that 94% of road accidents are attributed to human error; remove the human and the argument implies that such a change is bound to improve safety. Recent test experience also supports that autonomous cars are safer for everyone--Google's autonomous car fleet has driven over 700,000 miles with just four minor accidents so far.

If we can improve passenger safety, reduce fuel consumption, and make the driving experience less stressful, what’s not to like about self-driving cars? But, as they say, there’s two sides to every story.

Who to Kill?

Ethical and legal issues also arise in autonomous driving revolving around making programming decisions in life-and-death situations. When driving, human beings are forced to take incredibly complex high-speed visual, auditory and tactile sensory inputs, and to then make the life-and-death complex mathematical calculations and decisions in a split-second basis. Many argue that computer systems are better at these kinds of tasks than humans. However, computer systems lack independent thought and must be programmed in advance to deal with these life-and-death decisions—the "who to kill" analysis must be hardwired into the car itself. Here’s an example: if a self-driving car cannot stop in time and must either collide with an obstacle and potentially kill the passenger, or swerve into (and potentially kill) a pedestrian, what decision should the programmers make? And should the purchaser of an autonomous automobile have the ability to make choices regarding life-and-death decisions they may encounter? Generally, these questions are addressed by teams of ethicists, programmers, and lawyers working in tandem, but they will certainly be second-guessed by courts and victims of accidents in the future.

Autonomous Cars - What Are the Driving Issues of the Day?

Not only are autonomous cars generating big picture discourse on multiple ethical and legal levels, but they also are creating new personal issues for individual drivers. By design, these vehicles are Internet-enabled; they are part of the Internet of Things (IoT). And though this sounds great, because interconnectivity and data sharing can have some positive merit, it is this shared personal data that opens areas of concern, especially around privacy and security. Autonomous cars are being built with a full spectrum of IoT enablement, from in-vehicle operating systems to on-board Wi-Fi communication devices, various sensors, voice activation, geo-location tracking, and analytics. A self-driving car, even the partially autonomous version, is the Internet on wheels. With one of those, all the information about the use of the vehicle--where you are at any given time, who you are communicating with, even what you are watching while that car is in motion—is collected and analyzed. Where we once had the feeling of privacy within our own vehicle, where we could close the door, and close out the world, now, that vehicle can shout our every movement to the world.

Privacy vs. Safety - What Will Win?

All our autonomous cars-based data is collected and sent to cloud servers for drive information and use by related services, but it is the connectivity between the data that is of the greatest interest. For example, insurance companies will offer incentives to share this data - better driving will reap better insurance premiums. But what if your data shows information that is private to you, such as visits to certain establishments? Because everything is monitored by these innovative vehicles, there are no exceptions. All your data will be collated and analyzed - in effect, your life will be mapped out in an at least semi-public arena.

Car hacking is also possible, and highlighted by several white hat hackers attempting to bring focus into this area of cybersecurity. There have been a number of high profile hacks of IoT cars, including the Department of Defense’s demonstration of how easy it is to hack an autonomous car because of the lack of basic security built into the vehicle.

The privacy and security of autonomous vehicles are part of the new era of IoT privacy issues. Our safety and vehicle optimization is important, and we shouldn't hold back progress, but it doesn't have to come at the cost of information security. To address this, there are movements to try and set standards and laws to regulate this area. 

Privacy concerns are now being taken seriously by the automotive trade. In a letter to the Federal Trade Commission (FTC) a number of automotive bodies wrote concerning,

"Consumer Privacy suggesting that the industry adopt a framework of seven principles that would effectively protect consumer privacy from the advancement of vehicle technologies."

Current U.S. legislation around autonomous cars is patchy and has little or no reference to security or privacy. However, Senators Markey and Blumenthal are calling for the protection of drivers privacy and prevention of car hacking through their bill, the SPY Car Act which calls for anti-hacking measures to be applied to all consumer vehicles manufactured within 2 years of the bill being agreed. The bill also covers data collected from the vehicle, which should be secured, and sets penalties for noncompliance. 

As technology continues to advance, and cars continue to grow increasingly sophisticated, with all the benefits of such vehicles also comes new debates regarding security of data. Though the tech remains ahead of the legislation now, with legal weight being added by Markey and Blumenthal and the backing of the automotive industry, we can have some hope that privacy matters will be taken seriously as a driving force for the good of individual drivers.

About the Author

Avani Desai

Avani Desai is a Principal and the Executive Vice President at Schellman. Avani has more than 15 years of experience in IT attestation, risk management, compliance and privacy. Avani’s primary focus is on emerging healthcare issues and privacy concerns for organizations. Named as one of the 2017 Global Leaders in Consulting by Consulting Magazine she has also been featured and published in the ISSA Journal, ITSP Magazine, ISACA Journal, Information Security Buzz, Healthcare Tech Outlook, and many more.

More Content by Avani Desai
Previous Article
HIPAA Misconceptions Still Plague Healthcare Providers
HIPAA Misconceptions Still Plague Healthcare Providers

Even after years of living with HIPAA and its many requirements, healthcare providers still labo...

Next Article
Building a Security Program to Fit Your Enterprise
Building a Security Program to Fit Your Enterprise

Originally published in the ISACA newsletter

×



Subscribe now
to receive content updates once a week

First Name
!
Success
Error - something went wrong!