

Re: [projectvrm] Who owns data generated by 'connected cars' sensor slurpers?


  • From: Adrian Gropper
  • To: "T.Rob"
  • Cc: Graham Hill, ProjectVRM list
  • Subject: Re: [projectvrm] Who owns data generated by 'connected cars' sensor slurpers?
  • Date: Mon, 17 Feb 2014 12:43:52 -0500

Consider the case of connected people. Hugo Campos, for example, has an implantable cardiac defibrillator (ICD) that sends his data to Medtronic before it goes to the hospital, where it might go to a doctor, and finally, only after years of struggle, Hugo got to see a degraded version of his own data as an off-line file. (Activities that trigger the ICD and the resulting "tuning" are obviously a prime concern for the patient.) Hugo has been very public about this issue. Another ICD patient I advise lost track of her data when she lost her health insurance. The alarms from her device were not being monitored by anyone.

From my perspective, "privacy by design" is too vague. The design framework needs to be based on Fair Information Practice. Oversimplified, FIP requires consent, data minimization and transparency. All three criteria require the patient to have convenient access to the ICD data _before_ it's sent to the vendor or the hospital. Without such access, consent is being coerced, data minimization cannot be audited and transparency is more or less absent.

This brings us to the SIM card or the equivalent private key associated with the device. That key needs to be entirely in the control of the patient. In some cases the key may be associated with a certificate. It could be used for ID and encryption (although there's a case to insist the encryption also allow for perfect forward secrecy). In many cases, a trusted certificate is not required. For my ICD patients, a self-signed certificate and in-person authentication with my physician should be sufficient.

Adrian




On Mon, Feb 17, 2014 at 11:58 AM, T.Rob wrote:

That would be MUCH appreciated, Graham!  I'm curious to hear their take.  Some folks from a different German auto maker scheduled 30 minutes with me 2 years back at IMPACT.  The security discussion took about 20 minutes and I spent the remaining time talking about all the data issues.  We ended up running way over and having lunch together because the data discussion was way more interesting than the back-end security discussion we'd planned.  (Because it was in my role as an IBM product manager I can't provide the name.)
Kind regards,

-- T.Rob
T.Robert Wyatt, Managing partner

IoPT Consulting, LLC

+1 704-443-TROB

https://ioptconsulting.com

https://twitter.com/tdotrob
From: Graham Hill
Sent: Monday, February 17, 2014 9:56 AM
To: T.Rob
Subject: Re: [projectvrm] Who owns data generated by 'connected cars' sensor slurpers?

Hi T.Rob

I have lunch with the head of Toyota Deutschland's legal team in a couple of weeks time. I have already let him know that this is a topic we should cover over the fish and chardonnay. I will let you know what his legal opinion is.
An analysis under German law as to who can and should own data from a connected car, implications of sharing with 3rd parties, and a call for Privacy by Design.

--
Adrian Gropper MD