GAO: Feds lag in vehicle data policy

automated car 

As the auto industry evolves and more vehicles are outfitted with smart capabilities, consumers can expect more of their personal information to be collected and shared.

There's no uniform standard, but automakers report collecting data on location, driver behavior, vehicle health and driver use of onboard entertainment and communications. Data can be used to support roadside assistance plans, conduct usability and other product research, and even market products and services to motorists.

The federal government’s role in overseeing that data collection is unclear, as are rules for storing and sharing such information.

According to a recent Government Accountability Office report, the National Highway Traffic Safety Administration and the Federal Trade Commission are best positioned to take on the vehicle safety and consumer protection challenges.

Auditors said NHTSA needs to better define and communicate its own policies for connected vehicle data. The agency mandates safety standards for passenger vehicles and can issue voluntary safety guidance, but it has no clearly defined regulatory responsibilities for consumer privacy.

The agency is wading into the regulatory challenges posed by vehicle-to-vehicle communications technology. In a proposed rule mandating V2V technology, NHTSA sounded an optimistic note about the promise of such communications to improve road safety but noted that various challenges, including cybersecurity and privacy, "could prevent this promising safety technology from achieving sufficiently widespread use throughout the vehicle fleet to achieve these benefits."

Paul Brubaker, president and CEO of the Alliance for Transportation Innovation, agreed that NHTSA needs to clarify its role with regard to privacy policy but cautioned that limits should not be imposed on the data vehicles can collect.

"Anything that would have a chilling impact on the ability to gain situational awareness or improve safety is a bad thing," he said. "I'm for more data use, not less."

Privacy concerns are "not a simple subject," Brubaker acknowledged, but he urged greater use of anonymized data with the caveat that driver safety remain the priority. "If there is a safety of life deficiency identified to a particular [vehicle], wouldn't you want to be informed?" he asked.

"I don't want NHTSA calling for all of the data coming off of the vehicles," he said. Instead, he'd like to see "an independent, third-party, nongovernment entity accessing the data, performing the analysis and informing NHTSA. The analysis can also be subject to independent audit and/or peer review."

But the effort is not solely up to NHTSA because the FTC has the authority to take legal action against companies over privacy matters, and it has a recent focus on safeguarding consumer privacy issues that are emerging as challenges from the constellation of connected devices in the internet-of-things sector.

Generally, the FTC has been wary of such regulation. An agency spokesperson told FCW that the FTC is reviewing the report and will work with NHTSA and other federal partners.

About the Author

Ben Berliner is an editorial fellow at FCW. He is a 2017 graduate of Kenyon College, and has interned at the Center for Responsive Politics and at Sunlight Foundation.

He can be contacted at

Click here for previous articles by Berliner.


  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.