According to the U.S. Department of Transportation’s National Highway Traffic Safety Administration (NHTSA), 96 percent of model year 2013 passenger cars are equipped with “event data recorders” (EDRs). EDRs, sometimes colloquially known as “black boxes,” collect specific safety-related data, including: the speed of the vehicle, whether the occupant’s seat belt was buckled, and the timing of any deployment of an air bag. The foremost purpose of EDRs is that the devices serve as a means of protecting manufacturers from law suits alleging that a deficiency in the automobile caused an accident. This EDR information is collected in a continuous loop; recording what happens before, during, and after an accident. As to be expected, this information is collected, and can be extracted by a myriad of third parties, irrespective of whether an accident has actually occurred.
EDRs have been in the news lately, as the NHTSA has introduced a proposed rule to make the inclusion of an EDR mandatory in all new vehicles to be manufactured after late-2014. In response to the proposed rule, Congress, in a rare bipartisan fashion, has taken action to ensure that privacy protections with respect to the ownership, accessibility and methods of use of the EDR data are vigilantly maintained. As discussed below, the proposed Driver Privacy Act (DPA) would make clear that any EDR information is considered proprietary information belonging to the owner of the vehicle, and that any EDR information can be collected only in limited situations.
