Fleet Connectivity and Driver Privacy
By Suresh Rajapakse
March 31, 2021
In the consumer world, there is an expectation of privacy. Technology brands are advertising the security and fair use of customers’ information as a value proposition. Fleet drivers who consume that same information and use those same tools have the same expectation – and the law is following suit.
In January 2020, California’s Internet of Things (IoT) Cybersecurity Law SB3 27 went into effect. The legislation states that any device connecting to the internet must have reasonable security features. It boils down to requirements for device manufacturers to secure any information on the device and to provide capabilities to delete information collected by devices, rather than placing any requirement on providers or operators of such devices.
For the fleet world, this impacts both embedded and third-party telematics devices installed in vehicles. This law puts the bulk of the responsibility on the manufacturer to protect the privacy of the user. States are watching closely to see how this new rule is received. California is often a testing ground for new legislation, so SB 327 may have greater implications down the road.
Fleet Privacy Policies
Connected device providers are selling privacy, too. Select tools recording trip distance, vehicle acceleration and more are now equipped with selective tracking. For example, if a vehicle is available for personal use, the fleet manager may want to enable a feature that allows the tracking device to go dormant during off-duty hours. This is very handy as drivers’ spouses often use the vehicle as well. For vocational fleets and those operating within well-defined areas, tracking only within a certain geographic area is another use case.
Data Collection To Reduce Insurance Rates
In the consumer market, insurance companies collect troves of telematics data with the promise of using that information to provide a more accurate, and many times, a reduced insurance rate. However, the mere existence of that data puts it at risk. One aboveboard example is a state or federal agency seeking access to your fleet’s data via warrant.
Yet, hacks and data misuses occur, too. Some big-name instances have dominated their share of news cycles. These examples tie your hands regarding options, but if your drivers’ behaviors weren’t being tracked by insurance providers then that information wouldn’t exist. The risk trade-off is something to consider.
Data Privacy Resources
It’s a prime time to evaluate what your fleet management provider is doing to protect your fleet and your drivers. Their supplier management program should be diligent in pairing you with the safest, most trusted vendors. Consult them regularly as laws often change and devices are updated frequently. For resources:
- Visit IAPP for the largest global information privacy community.
- Read Wivity’s article interpreting SB 327.
- Explore Telematics.com’s guide to fleet tracking systems.
If you need any advice on any of this, please don’t hesitate to reach out. I always love hearing from you. Feel free to connect with me on LinkedIn at www.linkedin.com/in/sureshrajapakse. If you have any comments or feedback, feel free to email me at email@example.com.