UK law makers have realized that Smart car owners might be vulnerable to new cyber threats. Lord Callanan explained that new data protection laws will help to protect smart car owners from hackers.
IBTimes UK quoted Transport Minister Callanan as explaining in a statement, "Whether we're turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks."
UK quick to act on smart car cyber threats
The problem of smart cars being hacked is not new, but the UK has been quick to push for laws to protect smart car owners, in terms of the length of time most bills and laws take to be enacted.
Slightly over two years ago, Business Times International reported that there was a lot of internet and cyber threat potential opening up in the new transport industry.
They quoted Jeff Williams, chief technology officer of the security firm Contrast Security, as saying, "Cars are vulnerable because they were never built with defenses in mind. If you take something that was designed to work in one set environment and you connect to it a much more hostile environment, you don’t have the right defenses in place. So, of course, it’s vulnerable."
Data protection essential as smart cars have vulnerabilities
As far back as 2015, Wired reported that experts found that Fiat Chryslers had a vulnerability through their UConnect feature that potentially allowed hackers to gain control of the vehicle from a great distance.
While initially this breach and others conducted on BMW's were carried out by researchers, hackers were not slow to identify a way to gain control of vehicles, and potentially use their skills to run the now common ransomware scam.
The new data protection laws in the UK will ensure that the government helps to protect smart car users, but it will also require cooperation from businesses.
Minister of State for Digital Affairs, Matt Hancock pointed out that "Enforcement will be enhanced, and the Information Commissioner given the right powers to ensure consumers are appropriately safeguarded." Nevertheless, IBT detailed that, "businesses have around 10 months to ensure that their systems are compatible to meet the requirements of the new law."
The aim of the new Bill in the UK to tackle the cyber threat to new smart car owners is ambitious, and just some of the data protection they hope to achieve will be done as follows:
- Smart car owners will be able to request their personal data is erased by companies who hold their data.
- Obtaining such consents will be made easier for car owners.
- Change and expand what personal data means in terms of legal definitions and this will include things like IP addresses, and
- "Enable parents and guardians to give consent for their child's data to be used."