How sharing what we don’t know can build trust in medical research

Impactful leadership in the era of the remote team

How credit cards activate the reward center of our brains and drive spending

MIT Sloan Experts

Data Privacy

Is Mass Ballot Question 1 on “motor vehicle mechanical data” about right to repair or theft of your private information…or something else?


Massachusetts Ballot Question 1 summary starts off simple enough: “This proposed law would require motor vehicle owners and independent repair facilities be provided with expanded access to mechanical data related to maintenance and repair.”

But the details and implications are much more complex than that and are barely touched on by the frequent 30 second television spots by both the pro and con groups.

It is not just about who repairs your car, but who is monitoring your car.

First, what is being required is that “manufacturers of motor vehicles … that utilize a telematics system should be required to equip such vehicles with an inter-operable, standardized and open access platform …”

Telematics refers to the sending, receiving and storing of data to and from the vehicle over the air, like your cell phone. Cars are gathering increasing amounts of data, from tire pressure to your speed and location to the numbers in your phone book. There are many proposed benefits of gathering and transmitting all the sensor data, such as your car detecting that the brakes are not completely working and alerting you and your mechanic to have them checked. A feature of the OnStar system, for instance, detects when you are in an accident and automatically calls for help, even if you are unconscious.

So, it is not just about who repairs your car, but who is monitoring your car.

We all know that computers can be hacked, and so can cars when they are computers on wheels. For example, several years ago, two cybersecurity researchers demonstrated that a Jeep Cherokee could be hacked remotely, including taking control of its steering and braking systems.

But, how serious is the risk?

The questions here are how Question 1 changes the risks, and how it changes the benefits.

On the one hand, open access data platforms could provide significant benefits as noted above. Much like we can learn a lot about diseases by gathering data from many people, we might learn a lot about the causes of mechanical failures and accidents by being able to analyze the data from millions of vehicles—and possibly save lives in the process.

On the other hand, they could—depending on details—give someone access to lots of information and maybe control of your car. But many of these risks and benefits already exist with the current manufacturer-specific methods for remote access as the Jeep Cherokee and OnStar examples illustrate.

The ‘mechanical data being made available’ is not yet defined.

Although the ballot question refers to only “Mechanical Data” being made available, this is not yet defined. It might include location data and such. But, as we have learned through our cybersecurity research, there is an important distinction between how systems are intended to work and how they might be made to work. If any personal information exists in digital form on the vehicle, a diligent hacker might be able to access to it. This has happened in many other settings. So how can risks be reduced and benefits increased?

Rushing the addition of open access features increases risks of unnoticed vulnerabilities.

How well designed for security is the proposed open access platform? We don’t know. Rushing the addition of open access features increases risks of unnoticed vulnerabilities. It is not clear that manufacturers can even come up with such a standardized interface by the 2022 model year, which should be entering manufacturing very soon.

‘Status of entity unaffiliated with a manufacturer’ hasn’t yet been defined.

Question One requires that it is “administered by an entity unaffiliated with a manufacturer.” What is the status of that entity? There appears to be almost nothings about it in the ballot question. Could it be a contract will be given to Google, Facebook, or maybe a Chinese company? Potentially, this entity would have access to the information from every car. Question One doesn’t make it clear what it is allowed to do with that information. These issues must to be clarified so voters have a better say.

No details of storage, retention and future usage of your data has been clarified.

How is access controlled and data used by both the repair shops and the car owners? Presumably, the owner has control over access, but what about storage, retention and future usage? The details are not spelled out. Is it like having a password to your email account? If so, how carefully is that password protected? For example, it has been reported that most home security cameras still have default or very simple passwords, which has made them easy to hack. Will car owners be more attentive in who and how they authorize remote access to their motor vehicle?

The collected data may only benefit those who can afford maintenance reporting.

Benefits will accrue not only from maintaining choice of car repair facilities, but also from how the collected data is used. Will data be used to benefit all car owners, say by adding to the body of knowledge about accidents or vehicle malfunctions, or only those who can afford and are willing to pay for extra services, such as preventative maintenance reporting? Who will decide these types of questions, or even ask them? Providing an open access data platform for cars opens the door to asking these questions, but in and of itself does not provide any answers.

Weighing the change in benefits and risks.

Each of us must weigh the change in benefits and risks presented by Question 1 in our own way. Our behavior is hard to predict, and sometimes fickle. In one study about personal information, the participants all agreed that privacy was important, but when researchers offered one group of students a free pizza in exchange for three friends’ email addresses, an overwhelming majority of the students chose pizza over protecting their friends’ privacy.

Getting back to the transportation question: some people prefer to drive long distances for vacation while other fly – the risks of accidents are wildly different, but so are the costs, the time, and other factors. Even knowing all the factors, some people will choose one way and some the other.

In short, we don’t yet have full information about all the costs and benefits related to Question 1. So, what should you do? There is no easy answer. But, you should clearly understand the benefits you are seeking and the risks that you are willing to live with. Then make your decision.

Stuart Madnick is the John Norris Maguire (1960) Professor of Information Technologies at the MIT Sloan School of Management, Professor of Engineering Systems at the MIT School of Engineering, and Founding Director of Cybersecurity at MIT Sloan (CAMS): the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity. He has been active in the cybersecurity field since co-authoring the book Computer Security in 1979.

Jerrold Grochow is a Research Affiliate in the Cybersecurity at MIT Sloan initiative and former Vice President for Information Services and Technology at MIT.

For more info Patricia Favreau Associate Director (617) 895-6025