Andrea Amico: Privacy will become a selling point for vehicles in the near future
Consumer and business awareness is reshaping the auto industry towards the benefits of privacy, says Andrea Amico, the founder of Privacy4Cars, winner of the “Startup of the Year” award at AutoTech. Apple famously advertises “Privacy, that’s iPhone”, and the same positioning of privacy as a value proposition will enter the auto industry.
The European Union (EU) made a breakthrough regarding privacy by launching the General Data Protection Regulation (GDPR) in 2016, which opened the doors for an entrepreneur focused on securing privacy in the automotive industry, Andrea Amico.
Amico founded his startup, Privacy4Cars, in 2014, searching the type of data left used in vehicles and the threats coming along with them. “Leaving personal data in a car is a breach of GDPR”, Amico told Fleet Europe in 2021, and two years later, Privacy4Cars won the “Startup of the Year” award at AutoTech Europe.
The recently launched software-as-a-software (SaaS) tool Vehicle Privacy Report by Privacy4Cars today covers 300 million vehicles in the US and Canada, to be doubled with the addition of the UK and Europe. The tool lets consumers see all Personal Information (PI) and other privacy-related information collected and sold by manufacturers popular apps, as well as what safeguards auto finance, fleet leasing, and insurance companies may have put in place - and allow them to demand protections.
Calling their win at AutoTech ’a fantastic accomplishment’, Amico told us about Privacy4Cars’ mission of “Driving Privacy” and how connectivity is evolving the automotive industry and increasingly requiring privacy technologies and tools to be adopted.
Consumer awareness is exploding, and the automotive industry must care about privacy a lot. How much so? “I’ve been on more than 400 TV segments and radio and articles just in the last four months”, says Amico. For consumers, cars have gone from mechanical things they didn’t have to worry about in terms of privacy into massive data collection devices with major privacy implications, he adds.
The level of awareness consumers pay to privacy is the game changer in the industry. Additionally, as regulations thicken, automotive companies increasingly face the need to pay more attention to privacy compliance.
While consumers increasingly think of their cars as a very large smartphone, most still don’t fully understand the extent of data the cars collect and how this data is shared and sold to third parties, which eventually ends up being used in a manner that consumers don’t think they had agreed to. A recent report from the nonprofit Mozilla highlighted that cars are possibly the worst and least transparent consumer devices when it comes to privacy.
Two big problems
Consumers spend increasingly large amounts of hard-earned money on buying a car but are typically not told at purchase that their vehicles are connected, and just by buying or leasing their vehicle, they agree to give rights to many companies to collect, share, or sell their personal information. “That’s viscerally very upsetting to consumers”, says Amico, based on the feedback consumers leave on vehicleprivacyreport.com. “Consumers don’t like the idea of being traced, which school they go to pick up their kids, which hospital they bring their mother to, and so on”, he added.
Now, people are waking up to the reality that a place they consider as private as their home is not. According to Amico, this is not a backlash but a big moment of awakening within consumers and regulators on raising the bar on how important it is to look at cars.
There are two big problems concerning privacy in the auto sector, and both are easy to tackle if there is only the will to solve them, says Amico. The first is the lack of transparency. Privacy4Cars’ research shows that, when asked, less than 5% of dealer salespeople correctly tell consumers that the vehicle they test-drove can capture their personal information and that the manufacturer and other companies have the right to use, share, and sell this data. A recent study commissioned by the Europen Union confirmed that consumers are rarely presented with a simple piece of paper telling them what will happen with their data.
“Everything is buried in very long and hard-to-read privacy policies and terms. If dealerships do not know how to communicate that accurately and simply, how can companies claim they obtained informed consent from consumers?” So, Privacy4Cars created the Vehicle Privacy Report tool, a free resource informing consumers about the data privacy implications of a vehicle by simply entering their VIN.
The second issue is deleting the data stored in the vehicle when exchanging hands (e.g. at trade-in, after every rental, at lease return, etc.) so the personal data left in the car is not exposed to unauthorised parties (data breach under GDPR). Regulators are increasing their voice towards the depersonalisation of cars, which turns attention to Privacy4Cars, whose patented AutoCleared platform enables businesses to delete data efficiently and build automatic compliance records. So far, businesses using Privacy4Cars have deleted data from over one million cars.
Privacy4Cars always attempts to make privacy not just a necessary legal obligation but a way for businesses that embrace privacy to capture opportunities. For instance, their Vehicle Privacy Report not only provides information regarding car privacy to enable fair and transparent disclosures but doubles as a merchandising platform that builds loyalty trust, improves metrics on dealership pages, and aids with lead generation and retention. Securing privacy ends in a win-win strategy, with consumers eliminating their concerns over privacy and auto businesses increasing their bottom line potential.
The ‘Apple stance’
Like cyber attacks targeting fleets and companies are on the rise, privacy abuses will also keep increasing, says Amico. Historically, safety has been the biggest driver of innovation in the auto sector for the last 20 years, and Amico strongly believes that the next big wave of innovation will come from people’s digital safety.
“People want to feel safe, not just in physical but also in digital realms, and they can’t feel that way if companies extract more and more data from cars.” From this point, some auto companies will become the Apple of the industry, Amico says. “One reason Apple is the most valuable company is because consumers want to have the most private phone they can have. Volvo was the company urging safety 20 years ago, and we look forward to seeing the first OEMs taking a privacy stance in the future.”
As more connected cars will be on the roads and more competition among automakers, privacy will stand out as the best value proposition, says Amico.
Only ten years ago, extracting and selling data was thought to be the right thing to do. Now, it is changing. Auto finance (including OEM captives) and dealerships in the US are increasingly making consumer protection for data collected by vehicles a priority. Amico says it is barely starting in Europe despite the tighter regulations.
What is important to see?
Many companies still think they have no obligations regarding data, which is wrong, and ignoring the law won’t help, says Amico. The excerpt of a letter sent by the Information Commissioner’s Office (ICO), a data regulator in the UK, to a consumer advocate who shared it with Amico is critical for people to see, he says. The regulator, on the specific issue of data left in used vehicles put for sale, said:
● The controller is the entity that either owns the car or lawfully repossesses it.
● The controller will not have a lawful basis to process the personal data on the car, and they must, therefore, delete it.
● They must do this before giving another entity access to the personal data because this will always be a personal data breach.
● The controller would be responsible for the personal data breach.
“Remarketers should take this position to heart and step up their data protection programs”, advised Amico.
