Carmakers including Kia, Subaru, Mitsubishi and General Motors are providing details of owners’ driving behaviour to insurance companies, leading many drivers to report surges in car insurance premiums despite industry claims that the transmitted data (‘telematics’) helps good drivers pay less.
The revelations have stoked a PR firestorm after the New York Times related the experiences of Seattle software company owner Kenn Dahl, who was stunned when the cost of renewing the insurance on his electric Chevrolet Bolt jumped by 21 per cent for no obvious reason.
Enquiries pointed him to a driver score report maintained by risk management firm LexisNexis, which – unbeknownst to him – had collected and collated a 258-page Consumer Disclosure Report detailing the dates, start and end times, and distance driven of 640 trips he and his wife had driven over the past six months.
Data about each trip also contained three metrics – speeding, hard braking, or fast acceleration – that have been correlated to safe driving and were relayed from the Bolt to the LexisNexis Telematics Exchange through a data sharing deal with General Motors.
Despite enabling benefits such as streaming entertainment and vehicle tracking, the constant connectivity of modern cars is also allowing car makers to enrol drivers in systems like GM’s OnStar Smart Driver, which – despite being marketed to drivers as a gamified way of earning rewards for good driving – funnels data about millions of drivers to insurance companies for their analysis and use in setting policy premiums.
Marketed as enabling insurers to “create insurance solutions that offer consumers greater access to more auto insurance products”, the systems are putatively designed to help insurers evaluate risk, particularly around electric vehicles that have a different risk profile – and to help them “use these new insights collected from real-world driving behaviour to enable better pricing”.
Yet the experience of many drivers tracked by the systems has been anything but better, with many reporting soaring insurance premiums and some drivers reporting being denied insurance – including one owner of a Chevrolet Corvette sports car who realised, too late, that the system had been tracking his high-speed driving session on a private racing track.
While GM asserts that Onstar Smart Driver data is only shared with insurance companies with drivers’ “explicit consent”, dealers are incentivised to sign buyers up to connected car programs and many drivers report being unable to identify where they actually provided such consent – with details of data sharing typically buried in pages of esoteric terms and conditions.
The dark side of better driving data
Using data to adjust car insurance premiums is nothing new – insurers have, for example, long asked questions about driving habits and adjust premiums based on the relative crime rates in the owner’s suburb, while usage based insurance (UBI) companies like Youi promise lower rates for drivers that don’t travel often.
The addition of new data sources is turning pay-as-you-drive UBI policies into pay-how-you-drive policies, with other insurers promising lower premiums in exchange for drivers’ willingness to install ‘telematics’ devices, called ‘black boxes’ in Australia, that continuously monitor driving behaviour by downloading data from even older cars.
Yet modern cars not only collect such data but invisibly report it to car makers for onsale –– removing the opt-in of black boxes and quietly turning the cars into “privacy nightmares on wheels” that have led researchers to finger Toyota and two dozen other carmakers for hoovering data from in-car sensors, microphones, cameras, and connected phones.
Now that LexisNexis, Otonomo, Verisk and other firms are using that data to treat drivers favourably or prejudicially – Dahl, for one, found out that eight insurance companies had requested details of his driving history from LexisNexis – many worry about the provision of that data to insurers hungry for what is euphemistically referred to as “data-driven risk decisions”.
“Drivers and passengers have a certain level of expectation of privacy in their own vehicles, however that expectation does not currently match what the automotive industry is doing,” noted Dennis Kengo Oka, principal automotive security strategist with the Software Integrity Group of data-driven chip maker Synopsys – who warned that telematics data could be used not only to penalise perceived risky drivers, but to automatically issue speeding tickets.
“Although there are various long privacy policy documents from automakers stating that data is collected, consumers typically are not aware and the data collected is beyond their expectations” – nor do they know how the data is processed, stored, shared, or sold, or how it can be deleted or protected.
“This,” Kengo Oka said, “can have huge implications for consumers.”
Here, in Australia
It may be some time before Australian car owners are hit with similar penalties for their driving behaviour, however, with an Insurance Council of Australia (ICA) spokesperson indicating that the organisation “is not aware of this practice occurring in Australia.”
“The insurance industry in Australia has to comply with significant regulation when it comes to the collection and sharing of data and information, which is vastly different to processes of this kind in the United States,” the spokesperson said while noting that motor vehicle insurance premiums are rising due to increasingly valuable cars, inflation, and losses from extreme weather events.