TRANSPORTATION SECURITYThe Impending Privacy Threat of Self-Driving Cars
With innovations often come unintended consequences—one of which is the massive collection of data required for an autonomous vehicle to function. The sheer amount of visual and other information collected by a fleet of cars traveling down public streets conjures the threat of the possibility for peoples’ movements to be tracked, aggregated, and retained by companies, law enforcement, or bad actors—including vendor employees.
Within a few years, fully self-driving cars have gone from science fiction to a very common reality for people in San Francisco with other places in the U.S. also testing the new technology. With innovations often come unintended consequences—one of which is the massive collection of data required for an autonomous vehicle to function. The sheer amount of visual and other information collected by a fleet of cars traveling down public streets conjures the threat of the possibility for peoples’ movements to be tracked, aggregated, and retained by companies, law enforcement, or bad actors—including vendor employees.The sheer mass of this information poses a potential threat to civil liberties and privacy for pedestrians, commuters, and any other people that rely on public roads and walkways in cities.
People’s aggregate movements–their commutes, visits to friends or loved ones, and trips to the doctor’s office or an attorney– could be compiled over time by a fleet of driverless vehicles, which pedestrians don’t suspect can be deputized by police.
Autonomous vehicles rely on more than a dozen cameras and sensors situated around the car in order to detect other vehicles, traffic signs, obstructions, and pedestrians. Because the most visible autonomous cars are operated by private companies, there is a lot that we do not know about the storage, security, and access regarding this footage. It is unclear, for instance, how detailed the footage is of pedestrians on the street or whether that footage is run through any image recognition. What capabilities do these vehicles have to collect audio? How long is this footage stored for? Who has access to it? What protections are in place to keep the footage private and safe? How do these companies comply with local and state-wide privacy laws like the California Consumer Privacy Act?
Another major line of questioning is the relationship between autonomous vehicles and law enforcement agencies. Bloomberg found at least nine warrants served to a self-driving car company in both San Francisco and Maricopa County, Arizona. According to a training document received by Vice in 2022, the San Francisco Police Department wrote: “Autonomous vehicles are recording their surroundings continuously and have potential to help with investigative leads…investigations has already done this several times.”
It is imperative that as more self-driving cars occupy our city streets, collecting vast quantities of data, that we have strong privacy laws that address both the personal data that the cars process and police access to that data. We also need a better understanding of how much footage police request access to and when, if ever, companies that operate autonomous vehicles will push back against overly broad requests. It is also essential that we learn whether police are given historic footage or real-time live access to peer through the cameras on the vehicles.
In the coming years, cities and regulators will have to have difficult choices when it comes to how autonomous vehicles should be able to safely operate. It is imperative that, in addition to pedestrians and driver safety, regulators consider the civil liberties implications for the tremendous amount of data and footage collected by these self-driving cars.
Matthew Guariglia is a policy analyst working on issues of surveillance and policing at the local, state, and federal level. This article is published courtesy of the Electronic Frontier Foundation (EFF).
