This week I saw a sticker in my vehicle that I hadn’t noticed before. It reads: “
Vehicle Data Transmission is On! Your vehicle wirelessly transmits location, driving and vehicle health data to deliver your services and for internal research and data analysis.” It then gave a website and instructions to disable.
Automotive Data and the CCPA
I’m not sure what most people’s reaction to seeing this might be, but as someone who’s been in the eDiscovery industry for a while now, my first thought was, “This must be how they’re dealing with compliance in regard to laws like the
California Consumer Privacy Act (CCPA) which is now being enforced as of 7/1/2020.
In fact, a recent article in
Automotive News states that, “The auto industry will start to experience what the health care and finance sectors have been facing for decades — an ever-changing and more complex privacy landscape. Specifically, the CCPA creates consumer rights for Californians that enable access to, sharing or deletion of and the ability to opt out of the sale of personal information collected by a business.”
Automotive Data and eDiscovery
If you think about all the data now collected by automobiles these days, it of course raises the issue of that data being discoverable should litigation arise. In fact, back in 2017 with
Barry v. Big M Transportation, sanctions for data spoliation were requested due to Big M Transportation’s failure to preserve a truck’s ECM data after an accident. While a default judgement under FRCP Rule 37(e) was denied, the court did rule as an alternative sanction that the jury would be told the “ECM data was not preserved and will allow the parties to present evidence and argument at trial regarding Big M’s failure to preserve the data.”
In more recent cases, automotive data has been used to determine the outcomes of lawsuits around self-driving cars (
read my blog on 3 of those cases here), but when you consider the increase each year of everyday economy vehicles which collect data, combined with mobile devices which are connected to those vehicles, it’s easy to see how automobiles are a quickly growing source of potentially discoverable data.
Considerations for Dealing with the Growth of Automotive Data
For Automotive Companies:
Work with Legal, Privacy, and Compliance Departments to ensure policies are in place regarding the CCPA, General Data Protection Regulation (GDPR), as well as keeping aware of other privacy laws which may be enacted (at least nine other states — including New York, Maryland, Massachusetts, Oregon and New Jersey — also considering consumer privacy laws).
For Transportation Companies:
No different than more traditional electronic data sources of the past decades (e.g. disks, hard drives, laptops, and email) make sure that you have Legal Hold and Preservation policies in place regarding fleet vehicles and other automobiles used for business purposes, as well as technology which can help ensure these processes work effectively, to avoid sanctions and other penalties.
For Law Firms and Legal Service Providers (LSP):
Utilize the latest in eDiscovery technology to quickly and accurately collect and process automotive data (and metadata) into review platforms while keeping costs low.