Federal Standard Needed to Regulate Access to Telematics Data, Panel Says

October 14, 2019 5:21 pm Published by Leave your thoughts
A panel at the Sept. 12 ASA Technology & Telematics Forum discusses vehicle-data access. From left to right are: Frank Leutz, owner of Desert Car Care of Chandler in Chandler, Arizona; Bob Passmore, assistant vice president, personal lines policy, for the American Property Casualty Insurance Association; Josh McFarlin, vice president of strategic business operations for AirPro Diagnostics; and Jason “Buck” Zeise, mechanical operations manager at LaMettry’s Collision in Minneapolis.

Unlike the phase-in of OBD II in the early 1990s, the emergence of telematics technology has occurred without federal or industry standards to provide a framework for how it should be used and who can access the data it generates.

And a framework is exactly what’s needed to ensure a fair playing field for all stakeholders, an industry panel agreed at the Automotive Service Association’s Technology & Telematics Forum in Troy, Michigan.

The lack of standardization regarding access to telematics data is one of the biggest differences between OBD II in the 1990s and telematics today, asserted Josh McFarlin, vice president of strategic business operations for AirPro Diagnostics, a Jacksonville, Florida-based provider of scan tools and diagnostic services.

“We don’t have SAE jumping in and saying, ‘Here are the rules to play by,’” McFarlin said during the Sept. 12 forum.

Compared to the introduction of OBD II, the stakes are much higher today. New cars, trucks and SUVs have the capability to generate a treasure trove of data about the vehicle and the vehicle owner, presenting data-privacy concerns for consumers and data-access concerns for independent repairers.

“In the ‘80s and ‘90s, we all wanted access to the vehicle data, but we were only looking at one module – the engine control module – and that was the only module on the car. And it only dealt with emissions,” said Jason “Buck” Zeise, mechanical operations manager at LaMettry’s Collision in Minneapolis. “Now there are 200-plus modules on a car, and how many of them are dealing with emissions? Maybe a handful of them. I need to fix all of these modules. I need access to data, bidirectional control, repair procedures. I need this vehicle data and OE data so I can repair these cars the right way.”

To protect the vehicle owners’ data, Zeise wonders if regulations similar to the medical industry’s HIPPA rules are needed. He recalled one instance in which a customer brought in a collision-damaged Porsche that the customer’s insurance provider eventually declared a total loss. Months later, the customer received a phone call from a man in Saudi Arabia asking if he still had the second keyfob for his former vehicle.

“How did he get ahold of him? All of his data was still in the central display on that vehicle,” Zeise said. “Wow, what a failure on multiple parts – on our part for certain. We need to make sure we’re securing that data.”

Bob Passmore, assistant vice president, personal lines policy, for the American Property Casualty Insurance Association, explained that insurance companies are regulated on a state-by-state basis, and “we think it’s the most effective way to regulate insurance.” However, when it comes to telematics data, “our members would definitely prefer a single standard.”

“For a claims investigation, when you need to get information about what happened, instead of talking to the driver, you’re going to talk to the car now,” Passmore said. “A single set of data that you can access to get answers to those questions that you used to ask in person would be preferable.”

When talking about how to regulate access to telematics data, McFarlin cautioned that “data” is a broad term. There’s data that’s specific to the vehicle owner, data that’s specific to the vehicle itself and data “that I would imagine our OE partners in the room would feel belongs to them because they’ve created it as part of that vehicle.”

“So you have to make sure that you’re controlling access to the right data for the right party,” McFarlin added. “Because, ultimately, if Buck has to contact his customer in order to get an access code to be able to program a module, that’s probably not the right approach that we need to be headed toward. Meanwhile, if the customer can get in and modify the code, that’s probably not the right approach either. So it’s a matter of finding the right balance for the type of data that we’re talking about, in my opinion.”

Tags: ,

Categorised in: ,

This post was written by Josh Cable

Leave a Reply

Your email address will not be published. Required fields are marked *