After several high-profile motor vehicle computer hacking incidents, new legislation was introduced on November 5 that would require a study of best cybersecurity and private practices for software-enabled smart cars. 

The so-called SPY Car Study Act was introduced by U.S. Representatives Ted W. Lieu and Joe Wilson.  The Act tasks the National Highway Traffic Safety Administration with working with the Federal Trade Commission and other federal agencies and industry leaders to carry out a one-year, cross-sector study to determine a framework for regulating, detecting, and preventing malware attacks on vehicle software.  “Americans have a right to drive cars that are safe and protected from hackers,” Rep. Lieu said in a statement.  “Frankly, without adequate protections, a hacker could turn a car into a weapon.” 

The Spy Car Study Act is smaller in scope than the Security and Privacy in Your Car Act (“SPY Car Act”), which was introduced in the Senate in July.  The SPY Car Act directs both the NHTSA and FTC to set industry-wide benchmarks to protect driver safety and privacy.  But Rep. Wilson proposed that the Spy Car Study Act is a necessary first step in assessing the situation before demanding changes in this developing field.   

Both pieces of legislation represent an increased interest in the Internet of Things, seeking to protect drivers and establish clear rules of the road that protect cars from hackers and data trackers.  The SPY Car Study Act is, as Rep. Wilson stated, “a first step in bringing industry, advocates and government together to strike a balance between innovation and consumer protection.”