Portable technology — mobile phones, laptops, vehicles and aftermarket navigation devices — travel with us nearly everywhere we go, constantly exchanging data with unseen satellites above. This data is rich with potential applications, and telematics systems allow a number of industries to harness this data to accurately pinpoint the location of collateral, plan efficient routes, and increase safe driving. However, the use of this data also raises a number of privacy issues that anyone who takes advantage of this gold mine needs to be aware of.
Never heard of telematics? Telematics can be defined as the collection of data emitted from a remote source, and has been adopted to describe the integration of telecommunications and informatics. Telematics relies on electronic logging devices (ELDs) and the Global Positioning System (GPS) for data, which can then be uploaded to a system to be organized, labeled, and eventually, interpreted. One of the most recognizable early telematics systems is OnStar.
What are some applications of this technology?
In commercial fleets, particularly trucking but also in autonomous fleets planned by rideshare companies, telematics is touted as a way to reduce expenses, prevent losses, pinpoint inefficient routes, and increase safe driving. Enhanced monitoring and benchmarking of behavior, usage, incidents, and vehicle performance may lead insurance companies to drive the adoption of telematics. These systems may save law enforcement fleets (and ultimately taxpayers) fuel, flag officers’ unsafe driving, and seat belt usage, and provide accident and location notification for faster emergency response.
A recent rule issued by the Federal Motor Carrier Safety Administration mandating the use of ELDs by December 18, 2017, for most commercial motor carriers and drivers has propelled industry-wide adoption of hardware required for telematics. According to an April-May 2019 survey by TeltracNavman, 55% of telematics users reported reduced fuel costs. The greatest reported challenges to adoption were lack of perceived need or benefit and cost. Concerns about information and data — both customers and employees — were paramount for nearly a quarter of those surveyed.
Companies that would like to use data gathered from motor vehicle telematics systems must consider applicable privacy laws. Where data is anonymized, data protection laws may not apply — but if information can be or will be used in application to a particular individual (coaching a reckless driver, or reducing insurance rates due to the use of low-risk routes), individual consent may be required before a company collects data.
Rules governing form and content of consent vary by jurisdiction, and if a company operates overseas, the data gathered may be subject to protections of other legal systems, such as the General Data Protection Regulation in the European Union. Additionally, several U.S. states have established laws that protect personal location privacy, which should be taken into consideration before an auto finance company begins to use this information.
GPS tracking has been addressed but not fully opined upon by the U.S. Supreme Court (SCOTUS). In the context of criminal procedure, SCOTUS ruled that police required a warrant to search location history stored inside a mobile phone, as it was personal information entitled to protection from unwarranted disclosure. Although this holding does not directly apply to the auto finance industry, it illustrates how individuals will likely have an expectation of privacy. Companies that would like to leverage telematics to gather information about their customers’ driving behavior would benefit from obtaining the consumer’s consent before doing so.
Emily Honsa Hicks is an attorney in McGlinchey Stafford’s Cleveland office, where she handles complex regulatory matters for banks, finance companies, mortgage companies, and online lenders. She has deep experience in Bankruptcy Code compliance and Foreclosure compliance, and holds an American Bankers Association certification as a Certified Regulatory Compliance Manager. She can be reached at firstname.lastname@example.org or (216) 455-5068.