At CES 2016, we discussed the implications of security and privacy with Stacy Higginbotham of Fortune Magazine, as well as industry insiders from the U.S. Department of Transportation (USDOT), General Motors, AAA, IDESG, C3 Group and NXP. Following are highlights from the discussions held during both private and public panels on Wednesday, January 6.
Everything is connected, from our cars to our bodies to our children’s toys. The relentless progression of technology is connecting our lives at an unprecedented speed. And it’s creating a lot of data – as well as privacy concerns.
But as we add more mobility and connectivity, critical questions remain. How can we trust the technologies we rely on every day? How can we defend our digital selves? What’s needed to fully realize the potential of new technologies?
As real-time connectivity between our devices, homes and cars grows, the stakes for security are getting higher. Headlines about recent hackings, from Andy Greenberg’s Jeep Cherokee to the iconic Barbie doll, highlight the vulnerabilities we face in our increasingly connected world.
Security by design, privacy by design and collaboration
The Internet was built without security in mind. And now, 20 years after its creation, we are challenged with making it reliable and secure – but that comes at a cost. Sami Nassar, VP of Cyber Security solutions at NXP, added that by creating solutions that meet a security by design, privacy by design model, we can create a cost-effective ecosystem that’s reliable and safe for the transportation and smart connected devices markets.
The automotive ecosystem — transportation and government, semiconductor companies, car OEMs, insurance companies, law makers and others — must collaborate to ensure that system-level standardized approaches and privacy and security standards are adopted.
Much like the functional safety standard for the automotive market, we need a functional standard for security and privacy, which will set expectations across the industry, according to Lars Reger, Automotive CTO for NXP. And we should borrow security and privacy practices from healthcare, financial systems and government identification markets, and apply the same security and privacy rigor to solutions for the connected car.
— NXP (@NXP) January 6, 2016
We talk about the Internet of Things, but what about the Identity of Things?
From your car to the smart home gadget you bought at Best Buy, you’re generating a lot of data. Where does that information go? Who has control of that information? How are we dealing with that information? Do companies have consent to use the information?
Marc-Anthony Signorino, Executive Director for the Identity Ecosystem Steering Group (IDESG, Inc.), shared the growing concern about data privacy, and offered his perspective on the importance for companies to be transparent. If a device maker or service provider is collecting data, the consumer needs to know what data is being collected and how it will be used. This needs to be communicated in a straight-forward, easy-to-understand way. Furthermore, consumers should be able to opt in or out of sharing – and not be penalized if they don’t want to share their data.
Our cars contain a lot of data about us, from our driving habits to our personal contacts. If you sell your smart phone, you can easily press a reset button that deletes all of your contacts and private information. But if you sell your car, there’s no obvious way to push a button to clear the data. Soon we’ll start to see car makers voluntarily add a feature to enable the deletion of data from the car by its owner, according to Reger.
Reger shared a model that gives consumers a valuable service or discount in exchange for their data. Similar programs are underway with at least one insurance industry: Drivers can provide their car-generated data to insurance companies, and in return receive a better rate.
What are the biggest challenges for autonomous driving?
A poll of our CES audience found that a majority of people thought a fully autonomous car would be on the market in 10 years.
What does that mean for driver training? Licenses? Skills to drive? How we design our cities?
And, there’s the law. Is an autonomous car legal under most jurisdictions? In some countries, the law states that you must have control of the car at all times – so what does this mean for autonomous cars?
Today, about 80-90 percent of car crashes are driver error, according to Jill Ingrassia, Managing Director, Government Relations and Traffic Safety Advocacy Department, AAA and Chairman of the ITS America Board of Directors. From now until we have autonomous cars, our vehicles will roll off the assembly line with a range of features. This means that operators will need to be trained to use these – 30 seconds at a dealer is not enough time to learn how to drive.
Frankie James, Managing Director, Advanced Technology Silicon Valley Office at GM, felt the biggest challenge was user acceptance. While a lot of people are excited about it, they are also nervous to let a computer take them for a drive.
Ken Leonard, Director of the U.S. Dept. of Transportation (USDOT) Intelligent Transportation Systems Join Program Office, added that what we see as an acceptable crash in a computer is not an acceptable crash in a car. You can’t just reboot from a car crash.
— NXP (@NXP) January 11, 2016
Autonomous cars come with many safety benefits, but key decisions on safety and regulations must be made, as well as education. There were many points made during the two sessions on security and privacy held at CES. Some of the ideas talk about the world we live in today, and some about the world of our not too distant future. Continue to follow NXP as we explore these topics that will affect all of our lives in our Smarter World.