The Quiet, Billion-Dollar Liability Auto Finance & Insurance Companies Face - AutoSuccessOnline

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
AutoSuccess Online
The No. 1 Sales-Improvement Source for the Automotive Professional
F & I Solutions

The Quiet, Billion-Dollar Liability Auto Finance & Insurance Companies Face

With fines that can cost up to $7,500 per occurrence and with 273 million vehicles on the road today, not deleting the personal information in vehicles constitutes a multi-billion-dollar exposure for the automotive industry.

Andrea Amico
By Andrea Amico
Andrea Amico is the founder of Privacy4Cars, the first privacy-tech company focused on identifying the challenges posed by vehicle data, and creating solutions to better protect businesses and consumers.
Published:

Today’s modern vehicles capture thousands of data points of personal information from consumers, including but certainly not limited to phone numbers, home addresses, navigation history and garage door codes. If this information is not proactively deleted before the vehicle changes hands, it can lead to identity theft, home burglaries and more. 

Related Articles

Once this occurs, auto-finance companies and insurance companies — the legal owners of millions of vehicles on the road today — may be held liable for damages and simultaneously faced with expensive penalties and years of litigation.

Regulators and plaintiff attorneys are increasingly putting the auto industry and the lack of protection surrounding the personal data collected by cars under scrutiny. For instance, the attorney general of California recently reported its investigative and enforcement activity of the California Consumer Privacy Act to the public. The first case mentioned is a vehicle manufacturer/dealership collecting data from consumers during test drives. 

This is not a California-only problem; in fact, unbeknownst to most people in the industry, there are currently over 200 laws that aim to regulate this data. Some laws generally apply to all entities (e.g., data security and data breach laws), while some apply to specific sectors. An example of the latter are the National Association of Insurance Commissioners’ Model 673 and Model 670 laws (currently enacted in 39 states and Washington D.C.). These two laws impose requirements on the data collected by insurance providers — including the data stored in vehicles that may end up becoming the property of an insurance carrier (i.e., after a vehicle is deemed a total loss and the title is transferred). 

With fines that can cost up to $7,500 per occurrence and with 273 million vehicles on the road today, not deleting the personal information in vehicles constitutes a multi-billion-dollar exposure for the automotive industry. Plus consumer damages. Plus legal costs. 

The “it can’t happen to us” mindset isn’t applicable to the automotive industry anymore. All the main car rental companies have already been sued over the data left behind in infotainment systems. Two of those auto businesses have settled for hundreds of thousands of dollars per plaintiff. This is why there is a growing number of marquee names — from OEM captives and national banks, to fleet management companies, dealership chains and credit unions — taking action and creating technical and administrative measures to create “reasonable security” (as required by most laws). This is done by removing the personal information of consumers and ensuring there is a strong trail of records to demonstrate compliance.

Every compliance expert will tell you that just deleting the information is not enough. In order to minimize risk, three steps are necessary. First, it’s imperative to document a policy that requires the deletion of personal information from each and every car. In fact, we see automotive manufacturers adding language to their privacy policies stating that data left behind in the vehicle systems could be exposed to unauthorized third parties, and therefore the owner should remove it before handing off the vehicle. The second step is to be sure that the personal information removal process is deemed legally “reasonable,” meaning that the process can be monitored and has already been proven to deliver reliable outcomes. Finally, businesses must track robust records. These records will serve as reliable evidence of the protections that you have laid out for your customers and that your policy has lived up to its promise. 

Have you considered this massive liability as a material threat to your business?  If it sounds serious, it’s because it is. Taking action may feel overwhelming given the tens of thousands of variations of systems across vehicle makes, models, years and trims, but it doesn’t have to be. New tools can help businesses like yours put simple procedures in place to address compliance with local and federal laws. With consumers increasingly worried about protecting their data, we have strong evidence that auto businesses that act can also benefit from higher customer retention and satisfaction.

You May Also Like

Advanced Automotive Technology Showcased at CES 2024
One of the Best Kept Secrets to Building Wealth & Creating Passive Income
Critical Thinking for Great Success
Cybersecurity for Dealerships
Leadership Solutions

Elevating the FTC Safeguards: Embracing a Defense in Depth Approach

In a serious cyberattack, a single security control may not be able to mitigate all the damage, but multiple controls working in unison can.

Nick Reed
By Nick Reed
Nick Reed is an IT security analyst for OCD Tech.
Published:
Elevating the FTC Safeguards: Embracing a Defense in Depth Approach

In the ever-evolving landscape of cybersecurity, one fundamental principle remains clear: compliance does not always equal security. Auto dealers must be proactive in protecting their customers’ data and in maintaining their brand’s integrity. Applying the security concept of defense in depth is essential to fortify FTC Safeguards compliance and ensure robust security.

Read Full Article

More F & I Solutions Posts
Why Dealers Should Care About the Coming Auto Insurance Recovery

The anticipated upswing of the auto insurance market in 2024 — and lower insurance rates that come along with it — should have dealers celebrating.

By Mike Burgiss
Why Dealers Should Care About the Coming Auto Insurance Recovery - Polly
F&I 2024 Dealer Outlook: How Online Options Will Help Dealers Better Serve Customers

Dealers must find ways to maximize F&I sales opportunities, because in this highly competitive landscape, dealerships rely on the sale of these products to enhance their bottom line and remain competitive.

By Travis Wools
F&I Outlook from Protective Asset Protection
Is a Vehicle Test Drive Still Relevant Today?

An important part of the process, the test drive is the strongest opportunity to build the customer’s positive emotions around the vehicle.

By Ian Vandenbark
Is a Vehicle Test Drive Still Relevant Today?
Protect Your Dealership

Thirty-four percent of dealers are still lost concerning certain key components of Safeguards law compliance.

By Ken Hill

Other Posts

Privacy4Cars Awarded Three More Patents

The patents come as new regulations require deletion of consumer personal data stored in vehicles in New Jersey and Illinois.

By Kyle Alexander
How Dealership Texting Software is Changing the Game

Dealership texting software is setting new standards in customer service and sales efficiency, proving to be an indispensable asset in the modern dealership toolkit.

By Jason Girdner
How Dealership Texting Software is Changing the Game - Tecobi
How Women In Automotive Benefits the Auto Industry

WIA seeks to break down old stereotypes in a way that truly creates channels of opportunity where both women and men can participate.

By Michael Trasatti
Women In Automotive
Are You The Captain Now?…or Is Bad Marketing Steering Your Ship?

It’s time to get out of the mindset of cut, cut, cut, and into the mindset of spending wisely for your long-term success.

By Zach Billings
Is Bad Marketing Steering Your Ship?