The US National Institute of Standards and Technology has defined the Internet of Things and cyber-physical systems as "a related set of trends in integrating digital capabilities (i.e. network connectivity and computational capability) with physical devices and engineered systems to enhance performance and functionality". According to the authors of this report, the intelligent vehicle is an example of this trend.
In Europe, the intelligent car is often referred to as the ‘connected car’. As more and more electronic and software components are installed in cars, cars’ intelligence is developing rapidly. These components enable cars to constantly, in the words of a recently published memo by the International Automobile Federation, “collect, store, process, transmit and use” data.
The European Commission urges manufacturers of these connected cars to quickly reassess their business models and transform from “developing and producing cars to delivering more and more mobility services”. This need to transform their business is, according to EU authorities, prompted by the fact that, “their current business in hardware-selling is at risk of becoming a commodity play and less attractive because of decreasing margins”. The drive to develop connected cars and the increasing volumes of data that these connected cars collect and communicate will, as claimed in a report published by the EU, have “potentially large effects on how and who can access and exploit the data”.
In one of his articles, Kerber specifically deals with governance issues that will arise in the transition to connected cars in relation to questions such as who will ultimately be able and allowed to access data collected by connected cars. Kerber is quite clear when he says that, “in the case of non-personal in-vehicle data – which might be certain kinds of technical data and, in particular, the huge mass of anonymized data – no clear legal rights exist, especially no property rights for data”. Following on from this, he points out that the discussion on data rights so far has shown “that an exclusive de facto control of non-personal data by a data holder from an economic perspective leads to a de facto (but not legal) ‘ownership' of these data”.
Kerber goes on to claim that, so far, all data collected by cars and subsequently connected cars “are transmitted directly to proprietary servers of the OEMs (original equipment manufacturer, BvL), they are obtaining de facto exclusive control of these data”. Neither the user(s) of the car, nor other stakeholders of the car are allowed to use data collected by the connected car without the OEM’s consent.
In the discussion on access to data collected by connected cars, research is currently ongoing in a wide range of areas into things such as safety and security (including cybersecurity), liability, standardisation and interoperability, privacy and ethical issues. The aforementioned report by McCarthy et al. claims, among other things, that the car industry does not object to data being made available to third parties based on pre-approved use cases, the requested type of data, or the purpose for which the data will be used. They do, however, restrict such availability to specific kinds of data.
Data generated by the vehicle, known as operating data, can be made available based on these criteria. Access to data imported by the user from a phone or other kind of device, on the other hand, should be blocked. And data received by connected cars from external sources, such as transport infrastructure or other vehicles, must, according to manufacturers, not be accessible either. This report furthermore states that, in most cases, the manufacturers of connected cars are the de facto owner of “data that their machines or processes generate, even if those machines are owned by the user. A de facto control of this data can be a source of differentiation and competitive advantage for manufacturers”.
The new position that the manufacturers of connected cars thus acquire, i.e. that of the de facto data owner, leads to interesting new discussions. Kerber claims, among other things, that, “the problem of access to in-vehicle data should be seen as part of the more general question concerning how a comprehensive governance solution for the data that are produced in the ecosystem of connected and automated mobility should look like”. The governance issue in such a digital ecosystem is, according to Van Lier, complicated by the fact that a digital ecosystem is made up of an amalgam of new and constantly changing combinations of hardware, software, data, information and people.
As a result of mutual communication and decision-making within these combinations, changes to components or combinations of components of the ecosystem can automatically lead to changes to the functioning of the system as a whole. The solutions that the aforementioned report proposes with respect to the data issue around connected cars largely fail to address these specific governance issues within an ecosystem. The possible solutions consist primarily of developing a central data server platform to which all data are sent for analysis and distribution. Or an in-vehicle interface (on-board platform) that is connected to a further developed OBD (On-Board Diagnostics) interface, which can in turn be connected to an external device such as a smartphone. These two solutions could in the long term be combined with a yet to be developed on-board application platform that, “would allow access to vehicle data and the execution of applications inside the vehicle environment”. Both these possible solutions include the creation of new central trusted third parties to solve the problem of reliable data access.
Blockchain and Distributed Ledger
The connected car as the outcome of the transformation of the traditional car into the car as a cyber-physical system is a composite system of a traditional physical object combined with algorithms, software and data. As a cyber-physical system, the connected car can be connected in networks as a node and communicate and interact autonomously with other nodes in the network. Given the specific singularity of each distributed operating node in the network, it needs to be able to autonomously decide when and with whom it wants and is able to share data or information based on autonomous procedures on “how the participants agree that a transaction is valid”.
Such consensus procedures performed based on algorithms, software and data originate, according to Yaga et al., from ideas dating back to the early 1990s. The basic idea for such a consensus procedure was, in the view of Yaga et al., presented by Leslie Lamport in 1991 in a scientific article that Yaga et al. argue described a “consensus model for reaching agreement on a result in a network of computers where the computers or network itself may be unreliable”. The PAXOS algorithm that Lamport works out has as one of its essential conditions that the consensus algorithm must work based on the given that each node in the network autonomously stores and secures its data. As a result, each node can independently log the consensus procedures in which it was involved prior to a data transaction, as well as keep track of the data entities that were processed in transactions. The combination of consensus algorithms and distributed ledgers is currently the basis for ITU research initiated by several Chinese organisations into the standardisation of a blockchain of things. It is an interesting thought that standardisation of a blockchain of things may also offer possibilities for a solution to the data access problem involved in cyber-physical systems such as connected cars, especially where standardisation of a blockchain of things is or will be related to the development and implementation of 5G networks.
Data access is not only an issue in relation to connected cars, it is also an issue to consider for all other traditional objects that are slowly but surely transforming into cyber-physical systems, such as fridges, TVs, production machines, MRI scanners, infusion pumps, container terminals and aircraft. And, as outlined in this article, it plays an essential role in concepts such as smart mobility, and with that also in concepts such as smart cities, smart industries, smart healthcare, etc. Given the fact that we are currently insufficiently aware of the data aspects (ownership, access, security) of these developments, we are constantly taken by surprise by new applications in this context. We are constantly trying to come up with isolated solutions to these new developments based on historically defined rules as they apply to humans or natural persons.
New issues emerging from technological developments, such as data access with connected cars, do however call for new and perhaps far more radical solution approaches based on thinking in terms of new wholes, such as digital ecosystems. New possibilities arise when traditional objects are enriched with combinations of algorithms, software and data. Solutions will, therefore, not be found in the possibilities that ensue from the past. New questions surrounding algorithms, software and data call for new ways of thinking and new insights that accept the autonomy and independence of the intelligent object that communicates and interacts within a whole, and urge us to consider how we, as humans, would be willing to transfer our responsibilities to this whole.
1. International Automobile Federation (2017), What EU legislation says about car data. Legal Memorandum on connected vehicles and data. Memo by Dr M. Störing of Osborne Clarke. Memo on matter 1060415
2. European Commission (2017), The race for automotive data. Digital transformation Monitor. (January 2017)
3. McCarthy, M., Seidl, M., Mohan, S., Hopkin, J., Stevens, A., Ognissanto, F. (2017), Access to In-Vehicle Data and Resources. Final Report. European Commission. Directorate-General for Mobility and Transport.
4. Kerber, W. (2018), Data Governance in Connected Cars. The Problem of Access to In-Vehicle Data, 9 (2018) JIPITEDC 310 paragraph 1.
5. Lier, B. van (2018), Thinking about ecologies of autonomous cyber-physical systems and their ethics. Rotterdam University of Applied Sciences publishing. ISBN 9789493012028
6. Yaga, D., Mell, P., Roby, N. and Scarfone, K. (2018), Blockchain Technology Overview. US National Institute of Standards and Technology NISTIR 8202
7. Adolph, M. (2019), ITU Standards for Blockchain and Distributed Ledger Technology. ITU
Ben van Lier works at Centric as Director Strategy & Innovation.
9 december 2021 (online cursus van 1 ochtend) Workshop met BPM-specialist Christian Gijsels over business analyse, modelleren en simuleren met de nieuwste release van Sparx Systems' Enterprise Architect, versie 15.Intensieve cursus waarin de belangri...
17 maart 2022 (online seminar op 1 middag)Praktische tutorial met Alec Sharp Alec Sharp illustreert de vele manieren waarop conceptmodellen (conceptuele datamodellen) procesverandering en business analyse ondersteunen. Waardevolle online tutori...
29 en 30 maart 2022 (Face-to-face én Live Video Stream) Niet eerder nam zo'n keur aan internationale topsprekers deel aan de DW&BI Summit. Schrijf in voor de negende editie van ons jaarlijkse congres met wederom een ijzersterke sprekers li...
19 en 20 mei 2022Praktische tweedaagse workshop met internationaal gerenommeerde spreker Alec Sharp over herkennen, beschrijven en ontwerpen van business processen. De workshop wordt ondersteund met praktijkvoorbeelden en duidelijke, herbruikbare ric...
30 mei t/m 1 juni 2022 Praktische workshop Data Management Fundamentals door Chris Bradley - CDMP-examinatie optioneel De DAMA DMBoK2 beschrijft 11 disciplines van Data Management, waarbij Data Governance centraal staat. De Certified Data Managemen...