With the advent of artificial intelligence and the ubiquity of the internet of things (IoT), at some point customers may be able to drive into a dealership for tire and rim repairs with minimal wait time and an automated check-in/check-out process.
That could be handled from the convenience of a smartphone or, better yet, by speaking to the car.
The mechanics will have already pulled replacement tires out, warmed up a preferred rental replacement, and even have a cup of coffee ready – just the way the customer likes it.
This level of luxury concierge service may set car manufacturers apart from their competition; however, personalized service like this requires enormous amounts of data, which automatically raises privacy concerns.
According to the IBM Institute for Business Value, 62% of consumers would consider one car brand over another if it had better security and privacy. Recognizing the need to get ahead of the privacy issues, in 2014, the Alliance of Automobile Manufacturers issued its “Consumer Privacy Protection Principles for Vehicle Technologies and Services.” (Joanne Molinaro, left)
These principles commit Alliance members to the following: (a) transparency, (b) choice, (c) respect for context, (d) data minimization, (e) data security, (f) integrity and access, and (g) accountability.
Blockchain is a decentralized digital ledger used to record transaction information across many computers.
What role does blockchain have in the privacy discussion? Blockchain is touted as the silver bullet for all sorts of problems with big data, including traceability, “hackability” and human error.
In many ways, blockchain features may also offer a solution to privacy issues.
Take, for instance, the “integrity and access” principle adopted by the Alliance: “Participating Members commit to implementing reasonable measures to maintain the accuracy of Covered Information and commit to offering Owners and Registered Users reasonable means to review and correct Personal Subscription Information…”
The virtual immutability of data housed on a blockchain can ensure that the data are not tinkered with or otherwise rendered inaccurate. Any “corrections” that need to take place will accurately be reflected as such, a modification of preexisting data that cannot be erased.
Indeed, the immutability of data is one of many facets that makes blockchain “unhackable”—another one of the Alliance’s principles: “Participating Members commit to implementing reasonable measures to protect Covered Information against unauthorized access or use.”
When combined with the decentralization that is the hallmark of blockchain technology and powerful cryptography designed to obfuscate (if desired) the participants and the terms of the transactions, blockchain may offer one of the most robust solutions to cybersecurity issues that continue to disrupt business operations.
However, it is precisely the immutability of blockchain data that may also present problems.
Once written onto a blockchain, the data resides on the blockchain forever. One of the Alliance’s stated principles is to ensure that its members retain “Covered Information no longer than they determine necessary for a legitimate business purpose.”
Europe’s General Data Protection Regulation similarly requires that personal data be retained for no longer than is necessary for the purposes for which it was processed. How can blockchain square with consumers’ rights to have their data deleted?
The immutability of data is a function of decentralization. Therefore, to provide for a “delete button” on blockchain data, the blockchain would need to become less decentralized. (Jeff Soble, left)
These blockchains are dubbed “permissioned” blockchains or “consortiums,” where the nodes are not anonymous, access to the blockchain is subject to the consent of other participants, and the data may be more susceptible to change. However, as decentralization diminishes, so too will all its benefits, namely security.
With fewer nodes tasked with maintaining the integrity and security of the data, the more vulnerable to hacking the data become. Most agree, however, that blockchain’s game-changing traceability and security features merit a thorough investigation to see what privacy solutions can be developed to address this dilemma.
In the meantime, of course, the most important privacy feature of all remains consent. We can all choose not to give up our data, even if that means we’ll have to settle for straight black coffee instead of our morning latte the next time we have a flat tire.
Joanne Molinaro is a partner and trial lawyer with Foley & Lardner and a member of the firm’s Blockchain and Cryptocurrency Task Force. She can be reached at [email protected].
Jeff Soble is a partner in the firm’s business litigation and dispute resolution practice and the former co-chair of the firm’s automotive industry team. He can be reached at [email protected].