CPPA Announces Investigation of Connected Vehicle Manufacturers’ Privacy Practices


Recently, the California Privacy Protection Agency (CPPA) announced its new initiative in investigating the data privacy practices of connected vehicle (CV) manufacturers and the related technologies. Generally, the CPPA will focus its regulatory efforts on retail, advertising platforms, online platforms, and hospitality sectors. However, since modern vehicles are now “effectively connected computers on wheels,” collecting lots of information from built-in apps, sensors, and cameras, CVs are just another source of data collection like our laptops and mobile devices. In the CPPA’s press release, the Agency stated that data privacy considerations are “critical” because CVs “often automatically gather consumers’ locations, personal preferences, and details about their daily lives.” Due to these factors, the CPPA will make inquires to CV manufacturers to understand how these companies are complying with the California Consumer Privacy Act and its amendments pursuant to the California Privacy Rights Act (collectively the CCPA).

Here’s what you need to consider if you are in the CV manufacturing industry or related technologies:

Notice and Right to Know

Right to Delete

Right to Opt-out of Sale or Sharing

Automated Decision-Making Technology (ADMT)

CV manufacturers have increasingly become targets for regulatory scrutiny. Now, as the CPPA begins its enforcement of the CCPA, CV manufacturers should consider whether the CCPA applies to their business and what they need to do to comply.


Copyright © 2024 Robinson & Cole LLP. All rights reserved.
National Law Review, Volumess XIII, Number 229