Customer Logins

Obtain the data you need to make the most informed decisions by accessing our extensive portfolio of information, analytics, and expertise. Sign in to the product or service center of your choice.

Customer Logins
Discover more about S&P Global's offerings
Investor Relations中国汽车官网日本語サイト 한국 자동차 사이트
    BLOG May 15, 2024

    BriefCASE: Can data privacy concerns spoil the connected-car party?

    "Data is the new oil," as the adage goes. This is remarkably true for the automotive industry, where always-connected, software-defined vehicles are constantly exchanging data, updating in real time over the air. The mobility ecosystem is increasingly employing big-data analytics to gather actionable insights on customer behavior, understand product performance and gain competitive advantages.

    Where there's data, there could be data theft

    As cars transform into rolling data repositories, more lingering concerns over data privacy and security are beginning to hinder the full potential of connected cars, which collect a lot more data than expected. A typical connected vehicle can generate nearly 25 GB of data per hour and collect information from more than 100 different datapoints, thanks to embedded features including geolocation and navigation, companion apps, biometrics, voice recognition, on-board diagnostics and driver assistance.

    Additionally, cars can collect data in the background via cameras, microphones, sensors and connected phones and apps. Sensitive data captured from connected vehicles can include personal identifiable information (PII), location, behavior and financial data from customers, as well as intellectual property related to the vehicle and services provided.

    Data is also collected from users' browsing habits, test drives at dealerships, and from third parties such as marketing agencies and data collection providers to develop inferences about a driver's intelligence, abilities, characteristics, preferences and more. This sensitive data flows through many environments and platforms, both on-premises and in the cloud, and is susceptible to cyberattacks.

    Protecting the privacy of consumers

    Mozilla Foundation, a US-based nonprofit internet research organization, revealed startling findings on how automotive stakeholders are dealing with data privacy and protection. Mozilla researchers looked at the privacy terms of 25 global car brands and concluded that their cars were "the official worst category of products for privacy" they had ever reviewed. Also, according to a 2023 report from Upstream Security, data breaches account for 37% of all cybersecurity incidents and backend server attacks make up 40% of all cyberattacks in the automotive industry.

    Automakers have recently been exposed to numerous data-privacy and data-breach incidents, as underscored below:

    • In March 2024, a Florida resident alleged that General Motors captured and shared his driving data, including information about his speeding, braking and acceleration, with LexisNexis, which shared the data with insurers.
    • In 2022, Mercedes-Benz disclosed a data leak on the part of a third-party vendor that exposed the personal information of up to 1.6 million prospective and actual customers, including names, street addresses, email addresses and phone numbers.
    • In 2021, Volkswagen and its subsidiary Audi suffered a data breach affecting 3.3 million users.

    Most automakers provide options to opt out of unnecessary data-sharing, but these settings are often buried within menus. Moreover, opting out of data-sharing often comes with trade-offs, mostly requiring disabling useful or desirable features.

    List of companies active in automotive data privacy: GM, Porsche, Toyota, and Stellantis.

    Consumers think data sharing is risky

    More original equipment manufacturers are rolling out smart vehicles, putting hardware and software behind a paywall. Though there is a growing consumer appetite for software-defined vehicles that offer smart infotainment and advanced driver assistance systems features, buyers of new cars might not opt for features that require them to share personal data due to data security concerns.

    The sentiment was evident in the 2024 S&P Global Connected Car Consumer Survey. It revealed that over 70% of respondents are "very likely" or "likely" to share vehicle data for free services, however 69% of respondents attributed issues around data security and misuse as the two most important reasons why they may not be comfortable sharing data.

    Connected Car Consumer Survey Results - S&P Global Mobility

    As the automotive industry progresses rapidly toward software-defined vehicles, data privacy and cybersecurity have emerged as critical areas for automakers to harness the potential of such vehicles. With cyberattacks on the rise in the market, the success of a brand will depend heavily on ensuring a healthy balance between user data protection and data monetization. OEMs that move slowly on building expertise on secured data processing, either in-house or through partnerships, will find it difficult to navigate the complex landscape of vehicle cybersecurity.

    Author: Vivek Beriwal, Senior Research Analyst, Supply Chain & Technology, S&P Global Mobility

    Subscribe to BriefCASE: Our weekly AutoTechInsight newsletter featuring innovative automotive insights and expert analysis

    This article was published by S&P Global Mobility and not by S&P Global Ratings, which is a separately managed division of S&P Global.
    Previous Next
    Related Posts
    VIEW ALL
    VIEW ALL
    {"items" : [ {"name":"share","enabled":true,"desc":"<strong>Share</strong>","mobdesc":"Share","options":[ {"name":"facebook","url":"https://www.facebook.com/sharer.php?u=http%3a%2f%2fwww.spglobal.com%2fmobility%2fen%2fresearch-analysis%2fbriefcase-can-data-privacy-concerns-spoil-connected-car-party.html","enabled":true},{"name":"twitter","url":"https://twitter.com/intent/tweet?url=http%3a%2f%2fwww.spglobal.com%2fmobility%2fen%2fresearch-analysis%2fbriefcase-can-data-privacy-concerns-spoil-connected-car-party.html&text=BriefCASE%3a+Can+data+privacy+concerns+spoil+the+connected-car+party%3f+%7c+S%26P+Global+","enabled":true},{"name":"linkedin","url":"https://www.linkedin.com/sharing/share-offsite/?url=http%3a%2f%2fwww.spglobal.com%2fmobility%2fen%2fresearch-analysis%2fbriefcase-can-data-privacy-concerns-spoil-connected-car-party.html","enabled":true},{"name":"email","url":"?subject=BriefCASE: Can data privacy concerns spoil the connected-car party? | S&P Global &body=http%3a%2f%2fwww.spglobal.com%2fmobility%2fen%2fresearch-analysis%2fbriefcase-can-data-privacy-concerns-spoil-connected-car-party.html","enabled":true},{"name":"whatsapp","url":"https://api.whatsapp.com/send?text=BriefCASE%3a+Can+data+privacy+concerns+spoil+the+connected-car+party%3f+%7c+S%26P+Global+ http%3a%2f%2fwww.spglobal.com%2fmobility%2fen%2fresearch-analysis%2fbriefcase-can-data-privacy-concerns-spoil-connected-car-party.html","enabled":true}]}, {"name":"rtt","enabled":true,"mobdesc":"Top"} ]}
    Filter Sort