A class action lawsuit filed against Subaru claims that their DriverFocus distracted driving crash prevention system scans the faces of drivers without explicit written consent.
The suit filed in Chicago, Illinois, alleges that Subaru’s DriverFocus system scans and stores the facial geometry of up to five drivers, and that the Subaru provides no information on how the data is collected, stored, and used to its customers. The class action suit also notes that the automaker started gathering and using biometric data in certain models starting 2019.
The lack of written permission to use data from customers is claimed to be a violation of the Illinois Biometric Information Privacy Act law, which was enacted in 2008.
Subaru’s advanced driver assistance systems (ADAS) scans, captures, and stores biometric identifiers — the face scan, in this case five different drivers’ face scans to adjust features of their cars based on who is sitting behind wheel.
ADAS is a term used to describe any system that assists with navigation, braking and acceleration while you drive your vehicle. ADAS includes capabilities such as: adaptive cruise control, collision avoidance assist system, lane departure warning systems, emergency braking assist system, pedestrian detection and even blind spot monitors.
The use of ADAS is expected to increase over the next 10 years. In part this usage will be driven by consumer and government interest in safety applications that protect drivers and reduces accidents.
As an example, the United States and European Union are mandating that all vehicles be equipped with autonomous emergency braking systems and forward-collision warning systems by 2022.
Security Challenges of Connected Cars
The class action suit raises interesting questions about the need for privacy and security. As biometric data is collected by ADAS then transmitted into a cloud storage system. How then do the rules and regulations apply as drivers data is transferred to third-party providers?
Even though companies and organizations keep revolutionizing their IT security systems, data privacy and security has been a long running concern for those interested in a “connected” car experience.
However, newer regulations in California as well as GDPR compliance in Europe make for an interesting legal landscape for biometric systems in cars.
As ADAS becomes more common in automobiles data privacy and security concerns are being raised. Automakers ensure that they are taking steps to protect the data collected by these systems.
However, it’s possible that a security breach will have an adverse effect on market growth for ADAS and more advanced autonomous driving technology in general.
Last Updated on December 9, 2021
Finder and reporter of automotive news & recalls. Emily is a professional writer who has covered various industries such as law, automotive, and mobility. She enjoys spending time with her family and improving her photography skills. While she loves writing, Emily’s true passion lies in helping others.