Major vehicle manufacturers are telling Congress to keep its distance as the industry evolves to take advantage of the “Internet of cars.”
Representatives of Toyota, Tesla and GM are scheduled to testify before a House Oversight subcommittee on Wednesday, when they will tout the safety and comfort benefits of increasingly connected cars in prepared testimony.
“Regulation at a time of rapid innovation runs the risk of limiting the realization of the full extent of safety advances,” Tesla’s head of business development Diarmuid O’Connell will say when testifying Wednesday.
Increased regulation should be avoided unless “absolutely necessary,” he will say.
O’Connell said the Chrysler vulnerability could have been avoided if manufacturers ensured that their vehicles were not directly connected across the Internet. He also said connected cars must isolate their mechanical systems, such as braking, and make sure to use encryption technology to protect privacy of information transferred to and from vehicles.
“Tesla is seeing increased vehicle security interest and scrutiny from academic and industry security researchers,” he said. “Tesla encourages and applauds this assistance — to the extent of even providing financial rewards for the best research.”
Toyota’s head of connected services, Sandy Lowenstein, endorsed a congressional cyber sharing proposal that recently passed both chambers and urged lawmakers to merge the bills quickly and send them to President Obama's desk.
The company also called on the government to clarify that car hacking violates the Computer Fraud and Abuse Act. Outside advocates, however, have warned that researchers should be exempt so as not to chill the kind of study that uncovered the Chrysler vulnerability.
The auto industry has recently set up its own information sharing coalition and adopted best practices for user privacy. But Toyota rejected automotive-specific cyber regulations.
“The truth is that industry can move quicker than the government to update or modify out-of-date practices or adjust to new or emerging threats,” Lowenstein wrote in prepared remarks.
The National Highway Traffic Safety Administration is slated to address privacy concerns in an upcoming rulemaking process and has also worked with the Federal Trade Commission on the issue.
Outside advocates have called on Congress to pass legislation to require regulators to write privacy and cyber rules dealing with connected cars.
Lawmakers such as Sens. Ed MarkeyEd MarkeyA guide to the committees: Senate GOP sets sights on internet privacy rules Overnight Tech: GOP chairman to propose high-skilled visa overhaul | Zuckerberg's 5,700 word letter | Tech lobbies gear up ahead of internet fight MORE (D-Mass.) and Richard BlumenthalRichard BlumenthalA guide to the committees: Senate Senate Dems ask DHS inspector general for probe of Trump’s business arrangement If Gorsuch pick leads to 'crisis,' Dems should look in mirror first MORE (D-Conn.) introduced legislation that would require regulators to set standards to ensure all wireless access points of a vehicle are protected, that critical systems are isolated, that the vehicle has technology to detect and stop a hack in real time and that all information collected is secured.
It would also require rules to force car companies to make customers aware of the data that is collected from cars, give customers the ability to opt out of the collection and bar marketers from using the information to target ads.