Jean-Louis Gassée, writing for Monday Note:

All cars manufactured after September 2014 must include an Event Data Recorder (EDR), as mandated by the National Highway Traffic Safety Administration (NHTSA). The NHTSA also mandates that 15 streams of data — speed, throttle input, braking effort and so forth — must be recorded, and has created standards for 30 more “voluntary” data types. In the event of a crash the NHTSA requires that the EDR data be made publicly available. This is for the good: The NHTSA simply wants the data to be available for study as an aid in improving safety. But…

“…perhaps the most significant feature of the Part 563 rule is that manufacturers must now relinquish their proprietary control over the equipment, software, and data decoding algorithms, thus lowering the barriers to data access.”

Beyond crash data, not much is said about who exactly has explicit or implicit permission to access the EDR’s content. Anyone with physical access to the car’s On Board Diagnostics (ODB) connector (your local car mechanic) can look into your dirty driving habits and can also install software updates, benevolent or otherwise. How are normal users to know if their car has been compromised, and for what purposes? Now add wireless connectivity and even more hacking fun can be had…

That last bit is key. How can you know if your car’s security has been compromised? I have access and control over my computer. I can run any virus scanning software I choose, customize my firewall, add hardware barriers as well. But my car’s security is strictly in the hands of my dealer.