Protecting Consumer Personal Information: Risks and Opportunities for Dealerships

Protecting Consumer Personal Information: Risks and Opportunities for Dealerships

Dealerships may also discover that the rising attention to privacy can present opportunities to better serve their clientele and to offer services addressing the protection and peace of mind they demand.

In 2020 alone, data/privacy breaches accounted for 36% of all automotive cyber incidents: a number destined to grow as cars become “smarter” and more connected. With enhanced technology comes increased liability for dealerships, auto finance, auto insurance, fleets, mobility players and OEMs. There are new and emerging ways for dealerships to protect their customers and their business from this growing liability threat. Dealerships may also discover that the rising attention to privacy can present opportunities to better serve their clientele and to offer services addressing the protection and peace of mind they demand. It’s important to understand the risks at hand and how they relate to the automotive sales business.

Have you ever synced your phone to your car? For most American consumers, the answer is “yes!” — not just for added convenience, but because all states have varying restrictions on the use of phones in vehicles. Did you know disconnecting from Bluetooth does not delete your personal Information (PI) that was captured by (and stored in) the vehicle’s infotainment system? You must manually go into each vehicle’s settings and click through prompts, unique to each car’s make, model, year, trim, etc. to entirely delete this data. Forget to do it (or fail to follow every step correctly) and your PI will be left behind indefinitely. 

Most dealerships don’t realize that their largest database of PI is not in the service department or the F&I office — it’s for sale on their lot! A recent study discovered that consumers could find the PI of previous owners at 88% of reputable franchise dealerships — just by test-driving a vehicle or two. Some dealerships claimed to have a policy and a process to remove this PI yet were found out of compliance with their policy 75% of the time.

These cars for sale all contained many personal details: contacts, call logs, location history including the home address, garage door codes and even text messages. Leaving this data behind represents a potential danger to any dealership’s reputation and is ripe with multiple layers of potential legal liability, from federal (ex: The Privacy Rule), to a variety of state privacy, data security, data breach, record disposal, biometric laws, etc. The first lawsuit on this specific in-vehicle PI issue consumed over a year in the courts and cost hundreds of thousands of dollar to settle — with one plaintiff.

The National Independent Automobile Dealers Association (NIADA) recognized these challenges and rated privacy as the second-highest regulatory risk for dealers (after recalls). PI stored by vehicles is a quickly growing regulatory and consumer priority, and legislation only tightens in favor of consumers. While privacy on cell phones and laptops have been the historical focus, the “third screen” — the modern car — continues to garner attention from consumers, media and legislators at both the federal and state level.

Should dealers reactively wait until they see someone else targeted for not properly protecting consumers’ PI, or should they take a proactive stance? Our studies show the latter approach has major benefits. When the consumers in our study found PI in the vehicles for sale, the Net Promoter Scores for those consumers dropped dramatically, and 76% of consumers refused to purchase the vehicle after realizing the risks to their privacy. At the same time, consumers are interested in a range of privacy-centric solutions — showing that dealerships should set up a program that reduces risks, generates more leads and sales while protecting consumers.

Our company was created to help resolve these data privacy issues with a solution that consumers wanted and businesses needed. In the past year, we have become the de-facto standard for the wholesale channel, extending our protections and opportunities via an implemented subscription program in the retail channel. If you wouldn’t hand your unlocked phone to a stranger, what safeguards do customers need when they trade in or purchase a vehicle from your lot?

You May Also Like

How Generative AI Is Impacting Auto Lending Compliance

What is often left out of recent headlines, is the extraordinary power of AI to reduce harm, including fair lending and discrimination risks.

By Tom Oscherwitz, VP of legal and regulatory advisor for Informed

Auto dealers and lenders, like leaders in other business sectors, are grappling with the current wave of excitement over generative AI. Many professionals have already seen a coworker or vendor pitch a generative AI use case. It seems as though half the room is significantly impressed, while the other half is waiting for a negative consequence or reaction knowing it was computer generated. The safe bet is that this technology will bring significant changes to auto lending.

5 Predictions for Front-Line Chat Solutions

In the next few years, prepare for a chat solution that must act like a personal greeter to every customer who visits your digital showroom.

Maximizing Fleet Uptime: A Dealer’s Guide

This guide provides actionable insights for dealers to ensure their fleets are always on the move.

Your Service Department’s Undervalued Opportunity: Streamlining RO Stories

Consider how much time repair event stories take to write. Now, multiply that by the number of technicians employed at your dealership and you could easily be wasting hundreds of technician hours every month.

Ways to Save on Credit Card Merchant Transaction Fees

A processor should lessen your workload by handling merchant processing. They should free you up to focus on the customer, while feeling confident that your processing remains compliant and safe.  

Other Posts

Vero, Privacy4Cars Partner on Identi-FI, Identity Theft Protection

Auto dealers within the Identi-FI program will be able to offer Vero’s suite of identity theft tools to customers as a revenue-generating service add-on during the sales process.

Privacy4Cars’ Vehicle Privacy Report 2.0: More Features, Expansion into Europe

The new report doubles geographical coverage and deepens vehicles’ data practices analysis of manufacturers by adding privacy implications of infotainment apps and more.

How End-of-Year-Sales May Impact Auto Finance Digital Transformation Strategies

We still have a very paper-driven culture but we need to continue to shift focus to digitization to reduce risk and liability.

Accelerate2Compliance Partners with Privacy4Cars for Suite of Vehicle Privacy Solutions

Comprehensive security solutions help protect personal data from cyber threats.