U.S. Senators Amy Klobuchar (D-MN) and John Hoeven (R-ND) reintroduced their Driver Privacy Act, legislation that protects a driver’s personal privacy by making it clear that the owner of a vehicle is also the owner of any information collected by an Event Data Recorder (EDR).
An EDR is an onboard electronic device that has the ability to continuously collect at least 43 pieces of information about a vehicle’s operation. This includes direction, speed, seatbelt usage and other data. The senators’ legislation would ensure that the vehicle owner controls the data and their personal privacy is protected.
The National Highway Traffic Safety Administration (NHTSA) estimates that more than 96 percent of new 2013 car models are currently equipped with an EDR, but in December 2012 the agency proposed rules that would mandate the installation of EDRs in all light-duty vehicles. The proposal raised widespread questions and concerns regarding the ownership of the data. NHTSA has said it lacks the regulatory authority to address privacy concerns regarding EDR data, which prompted Senators Hoeven and Klobuchar to craft legislation that would protect drivers anywhere in the United States.
“New vehicle technologies can help improve safety, but they can also raise concerns about how this information is used,” Klobuchar said. “This commonsense bill would help protect driver privacy by making clear that the owner of a vehicle also owns the data recorded by the vehicle.”
“Under this legislation we make sure that the information recorded by the EDR – the electronic data recorder in your car – is information that you retain and control so that your privacy is protected,” Hoeven said. “While EDRs can serve a useful function by helping to make cars safer, access to the data should be treated as personal except under very specific circumstances. Our bill makes clear what those circumstances are and helps to ensure that government and other entities respect the Fourth Amendment rights of Americans.”
Fifteen states, including North Dakota, have passed laws related to EDRs. States with laws protecting drivers’ ownership of EDR data include Arkansas, California, Colorado, Connecticut, Delaware, Maine, Nevada, New Hampshire, New York, North Dakota, Oregon, Texas, Utah, Virginia and Washington.
These state laws, however, apply only in the states that have them; drivers are unprotected in states that do not. To address privacy concerns regarding the device, the Hoeven-Klobuchar legislation specifies that data from an EDR may not be retrieved in any state unless:
- Authorized by a court of law;
- The vehicle owner or lessee consents to the data retrieval;
- The information is retrieved pursuant to a National Highway Traffic Safety Administration (NHTSA) recall and all personally identifiable information is not disclosed;
- The information is retrieved in determining the need for emergency medical response following a motor vehicle crash (used in vehicles equipped with Advanced Automatic Crash Notification systems);
- The information is retrieved for traffic safety research.
The bill also increases privacy by requiring NHTSA to conduct a study on the amount of time event data recorders installed in passenger motor vehicles should capture and record for retrieval vehicle-related data in conjunction with an event, as well as require the Administrator of NHTSA to promulgate regulations based upon the study.
SOURCE: Senator Amy Klobuchar