Who Owns Your Black Box Data?

When a crash triggers the Event Data Recorder, who has a right to the information? The police, the automaker, the insurer, the driver, and crash victims may all clamor for a peek into the black box to find out what really happened. Privacy advocates are launching a grassroots campaign to ensure that the black-box crash data stays securely in the hands of the vehicle owner. The National Motorists Association is calling on the public to sign a White House petition to include a provision in the new transportation bill that mandates a lockable cover to the EDR’s data port.

The NMA has until May 22 to gather 25,000 signatures, the threshold required to solicit a response from President Obama on the proposal to amend Senate Bill 1813. This measure within the federal transportation bill, which has had an agonizing and slow birth, requires all vehicles manufactured after September 2015 to be equipped with an EDR capable of capturing a wide range of data points under a specific list of crash conditions and within certain parameters of accuracy. The bill requires automakers to make third-party data readers available to the public and contains language covering the ownership of the data. Currently, 13 states address the privacy aspect of EDR data in their laws, but there is a lot of variability in what protections they afford vehicle owners.

“We say that when the customer drives off the lot with a new vehicle, the customer owns more than the vehicle — they own the data that the vehicle generates. Under this law, there are no ways or means for customer to control it,” says Thomas M. Kowalick, chairman of the Institute of Electrical and Electronic Engineers’ (IEEE) global standards development for Motor Vehicle Event Data Recorders.

The IEEE standard requires the use of a lockable cover to block access to a vehicle’s most commonly accessed EDR data port, called the Data Link Connector (DLC), preventing unauthorized access and making the vehicle owner the gatekeeper of the data. Kowalick is spearheading a high-profile petition effort to urge policymakers to adopt this requirement.

Like other automotive technologies, EDRs migrated from avionics without the oversight and technical robustness. In the public’s mind, a vehicle EDR is an infallible and objective observer of the events leading up to a crash, but the reality is much more complex and nuanced.

More than 90 percent of the U.S. fleet is equipped with EDRs, but they represent various generations of the device. Initially adopted to measure airbag deployments, many of the early versions measure Delta V (change in velocity), occupant restraint usage, the response of the airbag sensors and little else. The technology has since evolved. In 2008, the National Highway Traffic Safety Administration completed a rulemaking that did not mandate EDRs, but established uniform criteria for event recorders’ data collection, survivability and data formatting that were voluntarily installed. The rule mandated that the consumer be informed of the EDR’s presence in the vehicle via a statement in the owner’s manual, along with an explanation of how it works.

NHTSA is now considering a rule that would mandate EDRs in new vehicles. But, a number of issues remain unaddressed. For example, EDRs don’t always record data accurately. In a study by Rowan University and NHTSA researchers entitled, Evaluation of Event Data Recorders in Full Systems Crash Tests, the authors examined Ford and General Motors EDRs. They concluded:

“The majority of the EDRs examined in this study did not record the entire event. In one-third of the GM tests (10 of 30), 10 percent or more of the crash pulse duration was not recorded. In two of the four Ford tests, the last 100 ms of the crash pulse was not recorded. A data loss of this magnitude would prevent a crash investigator from using an EDR to even estimate the true delta-V of a vehicle.”

In a presentation, GM’s then Executive Director of Vehicle Safety, Robert C. Lange noted that when using EDR data, one must always account for and correlate data with physical information. In Mary Acker v. General Motors, the EDR recorded an air bag deployment but the air bags did not actually deploy. In Prudencia Sanchez v. General Motors, the EDR download indicated that the driver’s seat belt status was buckled in the non-deployment event and unbuckled in the deployment event that occurred immediately afterwards.

In addition to accuracy, there is an issue of data integrity. The current crop of EDRs allows operators to over-write and erase data. You can watch demonstrations of such software and buy them from purveyors hawking their crash data erasure products on YouTube.