Senators have introduced legislation to establish federal standards to secure cars from cyberattack and protect drivers’ privacy
Washington (August 4, 2016) – Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.), members of the Commerce, Science and Transportation Committee, today sent a letter encouraging the Federal Communications Commission (FCC) to consider taking a number of steps to protect consumers’ safety and privacy as car manufacturers deploy vehicle-2-vehicle and vehicle-2-infrastructure technologies in their automobiles. These technologies use Dedicated Short Range Communications (DSRC) to share speed, direction data, and other transportation information to prevent accidents and reduce congestion. While these technologies are promising, they could increase vehicles’ vulnerability to cyber and privacy threats.
“We have entered the Internet of Things (IoT) era, where our cars, transportation infrastructure, and devices can all be interconnected,” write Senators Markey and Blumenthal to FCC Chairman Tom Wheeler.“But make no mistake, IoT can also be considered the Internet of Threats if appropriate safety, cybersecurity, and privacy safeguards are not put in place. We must ensure that these vehicles have robust safety, cybersecurity, and privacy protections in place before automakers deploy vehicle-2-vehicle and vehicle-2-infrastructure communication technologies.”
A copy of the letter to the FCC can be found HERE.
In July 2015, Senators Markey and Blumenthal introduced the Security and Privacy in Your Car (SPY Car) Act, legislation that would direct the National Highway Traffic and Safety administration and the Federal Trade Commission to establish federal standards to secure our cars and protect drivers’ privacy. The SPY Car Act also establishes a rating system — or “cyber dashboard”— that informs consumers about how well the vehicle protects drivers’ security and privacy beyond those minimum standards.
In 2015, Senator Markey released the report Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk, which detailed major gaps in how auto companies are securing connected features in cars against hackers. For example, only two of the 16 car companies had developed any capability to detect and respond to a hacking attack in real time and, and most customers don’t even know that their information is being collected and sent to third parties.