Connected vehicles now appear to be on the table as a new vector for government surveillance. On Saturday, President Joe Biden signed a bill that reauthorizes Section 702 of the Foreign Intelligence Surveillance Act after the Senate passed it late on Friday (60-34).
The bill saw overwhelming support from Democrat legislators and sufficient Republican backing to be pushed through. Any amendments floated that were intended to shield American citizens from getting scooped up in the net without the government first procuring a warrant were struck down while it was still moving through the House earlier in the week.
Section 702 of FISA is supposed to be a way to quickly gather intel on the communications of foreign individuals. However, it’s long been criticized as being repeatedly abused as a way to push through warrantless spying and the latest incarnation seems to be written to do exactly that. While reauthorization was still under consideration in Congress, Rep. Anna Paulina Luna (R-FL) argued that FISA had been improperly used over 278,000 times by the federal government, often violating the rights of U.S. citizens.
“The original intent of the Foreign Intelligence Surveillance Act was to be able to gather information on bad foreign actors,” she said. “However, as we have seen over the years, the program has been abused to spy on American citizens in direct violation of American liberty and the 4th Amendment. The FISA court found that the federal government violated its own rules over 278,000 times.”
Senator Ron Wyden (D-OR) likewise opposed the bill, stating it effectively forced any business or person who has the ability to record or store electronic communications to spy on behalf of the federal intelligence agencies. In fact, the bill itself states “any other service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communication” is now legally obligated to comply with clandestine communications monitoring on behalf of said agencies. Wyden claimed that would include “anyone with access to a server, a wire, a cable box, a Wi-Fi router, a phone, or a computer.”
It would also include automakers, who now possess some of the world’s largest data centers that compile the immense amount of information produced by today’s connected cars — many of which now incorporate in-cabin microphones and expansive camera arrays. All of that is now appears to be up for grabs, along with the vehicle’s positional data and any calls or text made while using it. Moreover, without any need for warrants, there would be no record of who is being spied on or on what grounds. Intelligence agencies can effectively deputize any business or individual for an impromptu surveillance program and then force them to remain quiet about it.
Truth be told, there’s probably far more focus being given to internet service providers and telecom companies. Heck, even employers and I.T. services could be on the hook. However, if the government likewise wants access to automotive data hubs or demand manufacturers begin tracking certain things on the grounds of national security, there are no legal barriers in place to prevent that from happening.
We have frequently covered just how invasive these technologies have become over the years and even gotten into just how sloppy automakers have been with protecting customer data. With few exceptions, the industry is eager to profit from the information accrued from connected vehicles. And, with no citizen protections or warrants being associated with the renewed Section 702 of FISA, the government can effectively force automakers (who probably wouldn’t have already complied) to hand over whatever data is gleaned necessary.
The only real silver lining comes from earlier in the month, when car manufacturers and the Federal Communications Commission (FCC) were bickering over whether connected vehicles should be regulated in the same manner as the broader telecom infrastructure. Despite frequently arguing with the FCC to allocate sections of the strictly controlled bandwidth for automotive connectivity, the industry does not want connected cars to be regulated by the government. Meanwhile, the FCC has repeatedly suggested automakers have effectively become “mobile virtual network operators” (MVNO) and should be subject to additional oversight. While that would technically require automakers to improve the privacy of their customers on the commercial end, the U.S. government would ultimately gain more direct control of the relevant data.
But it doesn’t really feel like either scenario would be a win. Neither the government, nor automakers, seem terribly concerned with the privacy of the person that actually owns the vehicle. They’re just worried about who gets to control it. By simply allowing connected vehicles to become the norm, we’ve opened a Pandora’s box that will be difficult to close. Barring every person disabling the modem on their vehicle or manufacturers going back to building automobiles without connectivity features — both unlikely — there doesn’t seem to be a way back.
[Image: Ford Motor Co.]
Become a TTAC insider. Get the latest news, features, TTAC takes, and everything else that gets to the truth about cars first by subscribing to our newsletter.
