2009/01/02

GPS more private than E-ZPASS?

Rob writes:
“There has never been a successful defense against court orders to [surrender location data from tolling systems]. Most coming from divorce cases…”
I doubt this claim is true. But let’s assume for the moment that it is. The systems Rob refers to (no better ones exist in North America) are electronic tolling systems with a $20 Automatic Vehicle Identifier (transponder) in your car and a million-dollar reader-gantry-camera system above the road to read it. Such a system MUST retain your vehicle’s time of passage as proof in order to collect payment, UNLESS, as both E-ZPass and the “407” system offer, you have a special pre-paid transponder that signals the gantry reader that you have prepaid, so that your anonymous account is debited instead. Of the millions of E-ZPass and “407” drivers, only a handful take advantage of this fully anonymous capability.

Surprisingly, it turns out that the opportunity to preserve your anonymity is GREATER with satellite tolling, because the $100 device inside your vehicle can handle the entire transaction. There is no need for a million-dollar reader gantry that has to remember your passage. And yes, there is also the opportunity for greater invasion of privacy, but no country in the EU will permit this and I doubt the US will either. So far, every country that has addressed this has called for full privacy.

Road-metering innovation needs to balance two critical matters: the need for sustainable mobility and an entitlement to privacy.

Skymeter offers multiple levels of privacy (“dial-up privacy”) for our telemetric system, from the fully opaque (Level 0), where no data is forwarded or retained, much less made available to others, to the fully transparent (Level 4), where you can sell your data to marketers. There are three degrees of privacy in between: two of them hold data that would be surrendered if subpoenaed, and one holds data that can only be surrendered by you, unless you have already deleted it. We also make it possible to drive and pay without using such a meter, but you will likely pay a monthly or annual fee that may be more expensive, and your plate will be imaged and stored more often, which actually reduces your privacy. This last option and its cost are out of our hands: we are road-use-meter engineers, not policy makers. We solve the problem of reliable and private metering; we do not make the toll decision or operate the fund collection and distribution systems. Road-owner-operators do the former and telcos do the latter. We enable everything in between.

The reason my company doesn’t collect data in our Level 0, anonymous-version service is that we have built no way to retain the data once the trip is debited from your pre-paid account, which happens as soon as you are parked. So when you arrive at whatever place you should not have arrived at, the trip is debited and the journey erased; a message is sent to a billing operator to move the correct amount of money from a numbered account X (to which you had previously and anonymously deposited funds) to any number of road-operator accounts corresponding to the road owners whose roads you just used. When you arrive back home from whatever place you should not have been visiting, the same thing happens. If you were arrested in your driveway, the trip data would already be gone, and so would the billing record on the device; what the billing operator holds is a transfer from numbered account X to the road operators’ accounts, with no route attached. By the way, if you were stopped along the way, the elapsed portion of your intended trip would be clipped, debited and deleted as well. An easy way to clear your Level 0 device is to stop for milk on the way home! The only problem is that you have no way to audit the bill.

Level 1 retains the location data for numbered account X on your device and lets you read it to check a bill. Once the bill is paid you may delete it or keep it for your records; it rolls off as memory fills, and the device holds about a year of normal driving.

Level 2 does the same, but at a server, where many additional services can be provided. Again the data is associated with a numbered account for which only you have the password. If you have reason to believe your trip information might be subpoenaed, select Level 1 if you need to self-audit, or Level 0 if you do not.

Level 3 is Level 2 with permission for selected others to see your data. As an example, Bob, who is hard to insure because of a record of driving violations, may be insurable by a firm that examines Bob’s driving habits (speed, acceleration, time of day) and sets premiums accordingly. Clearly this is an invasion of privacy, albeit one that Bob agrees to in order to be insured.

Level 4 data is sold to advertisers, who send you coupons for opt-in offers near where you park. This is STILL anonymous in the sense that no vehicle or personal ID is needed, but anyone with a privacy concern might get antsy: a record of where a vehicle regularly parks points at a home and a workplace even when no name is attached.

Now, there is no way for Skymeter to know which levels any given country will permit or disallow. We know of one (not the US) that will not allow Level 0, and we know the EU is keen on ensuring only Levels 0 and 1.

So, the technology for absolute anonymity is possible, and it is ready. The issue for you is to be sure:
  1. Your government permits the privacy protection level you demand (they will be tolling your vehicle).
  2. Your government permits (or demands) an independent 3rd party to test that the levels behave as promised and that the more secure levels 0 and 1 cannot be compromised.
  3. If you choose anonymity, be sure to keep money in your account. (An empty meter turns off the signal that tells roadside cameras not to take an image of your license plate.)
Ironically, having NO meter means your license plate is captured, while having a working meter means it is not. So you should choose Level 0 or 1 rather than passing on the meter altogether.
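As an added illustration (example code written for this edit, not Skymeter's software or any real tolling protocol), here is a small Python model of the Level 0 to Level 2 behaviour described above and of the funded-meter beacon from item 3: a trip is metered per road operator, settled from a numbered prepaid account at the next stop, and then either erased from the device (Level 0), kept in a bounded on-device log that rolls off (Level 1), or also forwarded to a server keyed by the account number (Level 2). The operators, tariffs, account number and trip are constructed sample data.

```python
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, List

# Constructed sample tariffs in cents per km, keyed by road operator (not real tolls).
TARIFF_CENTS_PER_KM = {"407ETR": 20, "CityRoads": 5, "ProvHwy": 10}


@dataclass(frozen=True)
class Segment:
    """One metered stretch of a trip: whose road, how far, and when (seconds into the trip)."""
    operator: str
    km: float
    t: int


@dataclass(frozen=True)
class Settlement:
    """The only thing that leaves the vehicle at Level 0: a numbered account, an
    operator and an amount. No coordinates, no timestamps, no plate."""
    account: str
    operator: str
    cents: int


class Meter:
    """Toy 'dial-up privacy' road-use meter (hypothetical model, not Skymeter's design).

    level 0: nothing is retained once the trip is settled.
    level 1: settled trips stay in a bounded on-device log that rolls off when full.
    level 2: settled trips are also forwarded to a server keyed by the account number.
    """

    def __init__(self, account: str, balance_cents: int, level: int, log_capacity: int = 4):
        if level not in (0, 1, 2):
            raise ValueError("this model implements levels 0-2 only")
        self.account = account
        self.balance_cents = balance_cents          # may go negative here so the beacon effect is visible
        self.level = level
        self.current: List[Segment] = []            # the trip in progress, the only live trace
        self.device_log: Deque[List[Segment]] = deque(maxlen=log_capacity)
        self.server_log: List[List[Segment]] = []   # stand-in for the Level 2 server

    def record(self, seg: Segment) -> None:
        """Position fixes arrive continuously while driving; only the in-progress trip is held."""
        self.current.append(seg)

    def beacon_ok(self) -> bool:
        """The signal that tells roadside cameras not to image the plate. It needs a funded
        meter: an exhausted account silences it and the plate gets captured instead."""
        return self.balance_cents > 0

    def settle(self) -> List[Settlement]:
        """Run at every stop (parking, or a detour for milk: the elapsed portion is clipped).
        Aggregate per operator, debit the prepaid account, then retain or erase per level."""
        totals: Dict[str, int] = {}
        for seg in self.current:
            cents = round(seg.km * TARIFF_CENTS_PER_KM[seg.operator])
            totals[seg.operator] = totals.get(seg.operator, 0) + cents
        msgs = [Settlement(self.account, op, cents) for op, cents in sorted(totals.items())]
        self.balance_cents -= sum(m.cents for m in msgs)
        if self.level >= 1:
            self.device_log.append(list(self.current))
        if self.level == 2:
            self.server_log.append(list(self.current))
        self.current = []   # at Level 0 this is the erasure: the journey is now gone
        return msgs

    def retained_segments(self) -> int:
        """What a subpoena served on the device itself could recover."""
        return len(self.current) + sum(len(trip) for trip in self.device_log)


def run_trip(meter: Meter, segments: List[Segment]) -> List[Settlement]:
    """Drive the whole trip and settle at the destination."""
    for seg in segments:
        meter.record(seg)
    return meter.settle()


# Constructed sample trip: city streets, a tolled highway, city streets again.
SAMPLE_TRIP = [Segment("CityRoads", 4.0, 0), Segment("407ETR", 30.0, 600), Segment("CityRoads", 2.0, 1800)]

if __name__ == "__main__":
    m = Meter("acct-1234", balance_cents=2000, level=0)
    for s in run_trip(m, SAMPLE_TRIP):
        print(f"pay {s.operator} {s.cents} cents from {s.account}")
    print("retained on device:", m.retained_segments(), "balance:", m.balance_cents)
```

The point the model makes concrete is that at Level 0 the device is the only place the route ever existed, and the settlement messages carry nothing but account, operator and amount. The independent testing asked for in item 2 amounts to checking exactly that: after settlement the device holds no segments, nothing was forwarded, and the beacon is driven by the balance alone.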
