Tech Law Journal logo

Senate Commerce Committee Approves Bill to Allow Access to Data Stored in Vehicle Event Data Recorders

April 9, 2014. The Senate Commerce Committee (SCC) held an executive business meeting at which it amended and approved S 1925 [LOC | WW], the "Driver Privacy Act", a bill that allows court and administrative authorities to authorize access to data stored in vehicle event data recorders (EDRs).

While this bill is described by its sponsors as a privacy bill, it does little to protect individual privacy. Rather, its main function is to provide for government access to data.

This bill does not address driver privacy generally. It only addressed the narrow subject of EDR crash related data.

Moreover, this bill does not begin to address the many issues raised by the deployment of new information technologies in motor vehicles, and the potential for collection and use of not only crash data, but also location, audio, video, communications and other data.

See also, related article titled "TLJ Analysis of S 1925, the Driver Privacy Act" in TLJ Daily E-Mail Alert No. 2,644, April 22, 2014.

Sen. John Hoeven (R-ND) introduced this bill on January 14, 2014. Sen. Amy Klobuchar (D-MN) is the lead cosponsor. The two made remarks, which are published in the Congressional Record. The SCC has held no hearing on this bill. There was almost no discussion of the bill at the April 9 meeting.

Sen. John Thune (R-SD), the ranking Republican on the SCC, said that this bill, and some others, "may require some additional work before the full Senate considers them". He said that Sen. Hoeven and Sen. Klobuchar "are still in discussions about additional modifications that may have to be made".

The SCC approved by unanimous voice vote on April 9 an amendment in the nature of a substitute offered by Sen. Klobuchar.

Sen. John HoevenSen. Hoeven (at right) stated on January 14, 2014 that "This is all about protecting people's privacy in regard to their automobile." He continued that the data stored in these devices "should be the owner's information and that information should not be released without the owner's consent."

Sen Hoeven also noted that the Department of Transportation (DOT) "is requiring this year that every vehicle have an event data recorder in it."

The DOT's National Highway Traffic Safety Administration (NHTSA) promulgated regulations that are now codified at 49 C.F.R. Part 563. EDRs are mandatory in most light vehicles manufactured on or after September 1, 2014.

The DOT issued its notice of proposed rulemaking (NPRM) in December of 2012. See, notice in the Federal Register, Vol. 77, No. 240, December 13, 2012, at Pages 74144-74159. That proceeding is Docket No. NHTSA–2012–0177.

The DOT received over one thousand comments, almost all from individuals telling the DOT not to impose a mandate for privacy and Constitutional reasons. However, the automobile and insurance industries commented that they like the idea of mandatory EDRs.

Bill Summary. This bill, as approved by the SCC on April 9, provides that "Any data retained by an event data recorder ... is the property of the owner, or ... the lessee ..."

It also provides that "Data recorded or transmitted by an event data recorder ... may not be accessed by a person other than an owner or a lessee of the motor vehicle in which the event data recorder is installed".

However, the bill then enumerates five exceptions.

First, data may be accessed if "a court or other judicial or administrative authority having jurisdiction (A) authorizes the retrieval of the data; and (B) to the extent that there is retrieved data, the data is subject to the standards for admission into evidence required by that court or other administrative authority".

Second, data may be accessed if "an owner or a lessee of the motor vehicle provides written or electronic consent to the retrieval of the data for any purpose, including the purpose of diagnosing, servicing, or repairing the motor vehicle".

Third, data may be accessed if "the data is retrieved pursuant to an investigation or inspection authorized under section 1131(a) or 30166 of title 49, United States Code, and the personally identifiable information of an owner or a lessee of the vehicle and the vehicle identification number is not disclosed in connection with the retrieved data, except that the vehicle identification number may be disclosed to the certifying manufacturer".

49 U.S.C. § 1131(a) and 49 U.S.C. § 30166 provide for NHTSA investigations of accidents.

Fourth, data may be accessed if "the data is retrieved for the purpose of determining the need for, or facilitating, emergency medical response in response to a motor vehicle crash".

Finally, data may be accessed if "the data is retrieved for traffic safety research, and the personally identifiable information of an owner or a lessee of the vehicle and the vehicle identification number is not disclosed in connection with the retrieved data".

The bill also requires that the NHTSA write rules "to establish the appropriate period during which event data recorders installed in passenger motor vehicles may capture and record for retrieval vehicle-related data to the time necessary to provide accident investigators with vehicle-related information pertinent to crashes involving such motor vehicles."

The would would also require that the NHTSA conduct a study of "the amount of time event data recorders installed in passenger motor vehicles should capture and record for retrieval vehicle-related data in conjunction with an event in order to provide sufficient information to investigate the cause of motor vehicle crashes."

More Documents from the DOT NHTSA Proceeding.

(Published in TLJ Daily E-Mail Alert No. 2,644, April 22, 2014.)