● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Automated Vehicles Symposium 2015

Automated Vehicles and Privacy Issues: Learning From Experience

Thomas J. Bamonte (@TomBamonte)Assistant Executive Director, Strategy & InnovationNorth Texas Tollway Authority

July 22, 2015

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Overview

Toll highways and data generationPrivacy concerns and responsesApplication to automated vehicles

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

U.S. Toll Highway Network

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Overview of Highway TollingToll highways/bridges in 35 states2,900 miles of tolled interstates in 21 states5+ billion trips handled annuallyTolls = approx. 35% of federal gas tax revenueIndustry moving to “all electronic tolling” (AET)

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Mechanics of Electronic Tolling

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Pay-by-Plate Customers

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Trip Data Collection

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Registered Owner Information

Personal information Home address Telephone Driver license number Email address License plate number Credit card information Vehicle year/make/model/color/VIN

Sources Customer accounts DMV data Collection efforts

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Roadway Camera Coverage

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Law Enforcement: ALPR

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

HOT Lane Enforcement

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Emerging Tolling Methods

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Vehicle as Data Generator

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

OBD Units

Drivewise by Allstate Vinli

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

“Black Box” Event Data Recorders

Capture crash-related data Pre-crash vehicle dynamics

and system status Driver inputs Vehicle crash signature Restraint usage/deployment

status Post-crash data such as the

activation of an automatic collision notification system

Installed in most vehicles

—NTHSA mandate forward

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Driver Fitness Monitoring

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Vehicle-to-Cloud Connections

Vehicle as Cellphone on Wheels

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Current Highway User Privacy Protections

Contract: Customer account agreements

Customer account and trip data shielded from general disclosure; use allowed – When conducting tolling business In response to court order

(e.g., warrant) When aggregated (e.g., studies)

High data protection standards in place (e.g., PCI compliance)

Other data streams covered by user agreements (e.g., Waze)

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

State Law Protections

Customer account

information & trip data =

FOIA exception

Mandated privacy policies & data security requirements

Laws governing ownership & use of event

data recorders

General data security &

breach notice requirements

ALPR regulation

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Federal Law Protections

Drivers Privacy Protection Act

Various consumer law protections

Federal legislation introduced to protect locational privacy—including vehicles

Jones & Riley decisions

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Established Principles

Customer account information and trip data shielded from general disclosure

Used for toll collection purposes

Not disclosed unless legally required (e.g., warrant)

Anonymized data used for analysis

High data protection standards (e.g., PCI compliance)

Vehicle data belongs to vehicle owner

No transfer of data to 3d parties w/out consent

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Challenges: Automated Vehicles

Extensions into law enforcement

“Taking over” vehicle for safety/traffic management

Sponsored ads in visual stream on dashboard

Sale of highway user dataVehicle sensor array poses

own privacy challenges

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

Cybersecurity Eclipses Other Privacy Concerns

● M o b i l i t y . S a f e t y . C u s t o m e r s . E c o n o m y . R e s p o n s i b l e S t e w a r d ●

North Texas Tollway Authority

Our Mission

Provide a safe and reliable toll road system Increase value and mobility options for customers Operate the Authority in a businesslike manner Protect our bondholders Partner to meet our region’s growing need for transportation infrastructure