The Way You Drive, Not Just Where, Is Yet Another Piece Of Totally Identifiable Personal Data

Image courtesy of Atwater Village Newbie

“Individuality” does not exactly spring to mind when you’re in the middle of the workday commuter crush, trawling the same roads at the same time as every other 9-5 worker who has to get to work and pick the kids up from school. And yet it turns out that you — yes, you — have a unique way of approaching that commute. So unique, in fact, that it only takes a few minutes of driving data for you to be completely identifiable.

It’s another one of those stories that sounds like some kind of B-grade science-fiction TV show plot point, but is in fact part of our modern reality. As Wired reports, the way you drive — not just where, but how — is so unique to you that it forms yet another digital fingerprint you can be identified from.

As Wired explains, researchers from the University of Washington and the University of California at San Diego have discovered that the data in your car’s onboard computer can be surprisingly personal. Plug into a car’s CAN bus, take a look at what you find there, and odds are pretty good that you can identify who drove the car.

How good? The research team found that 15 minutes’ worth of data from the brake pedal — and only the brake pedal — could lead them to choose the right driver, out of 15 options, 90% of the time.

Again, with just the brake pedal data, upping that collected data to 90 minutes’ worth, allowed them to pick the correct driver 100% of the time. For a 100% hit rate with 15 minutes’ worth of data, they just had to collect records from more than one car part.

That data isn’t car-specific, either: you drive like you whether you’re in your old beater, your new hotness, or a rental car you just picked up this morning.

Odds are pretty slim that anyone’s ever going to walk up to your car, plug into the CAN bus, and start merrily telling you what they find without your permission. But you don’t have to get physically near to access that data, Wired explains: tons of drivers plug onboard devices into their cars, and those devices shoot that same data up, up, and away into the cloud somewhere.

The devices — consumer models like Hum or Zubee, or insurer-provided gadgets from companies like Progressive — are the same sort that researchers in 2015 discovered could be hacked to let you remotely cut a car’s brakes. And they were introduced a decade ago.

The researchers’ key take-away? Rather than letting just any old plug access all the data from your car’s CAN bus, they suggest, there should be a series of permissions. If you’re plugging in a gadget to track your fuel efficiency, it doesn’t need to know every time you turn the steering wheel. If you’re letting your insurance track your mileage, maybe you don’t always want them to know when you hit the brake pedal. Some opt-in and opt-out structures could go a long way.

A Car’s Computer Can ‘Fingerprint’ You in Minutes Based on How You Drive [Wired]