Event data recorders, also known as “black boxes” or “sensing diagnostic modules,” capture information such as the speed of a vehicle and the use of a safety belt. In the event of a collision this information can be used to help understand how the vehicle’s systems performed.

In December of 2012, the National Highway Traffic Administration proposed a rule that would require automakers to install event data recorders in all new light passenger vehicles. Although the proposed rule would have required manufacturers to install the devices beginning in 2014, the rule was never finalized. Nonetheless, some estimates indicate that most passenger cars are already equipped by manufacturers with event data recorders.

Since 2005 states have passed statutes designed to address the privacy implications of event data recorders. Although variability exists among the state statutes, most statutes require that a consumer be notified of the existence of the device prior to purchase, and restrict who may access the information on the device.

On December 4, 2015, the federal Driver Privacy Act of 2015 was enacted. The Act makes clear that data collected from an event data recorder belongs to the owner or lessee of the vehicle. The Act also provides that data recorded or transmitted by an event data recorder may not be accessed by a person other than the vehicle’s owner or lessee, except in certain defined circumstances. The following provides a snapshot of information concerning event data recorders.

96%

Estimate of the number of new passenger cars equipped with event data recorders.1

17

The number of states that have passed legislation protecting the privacy of data on event data recorders.2

7

The number of exceptions included in some state statutes for who may access the data.3

 What to think about when utilizing event data recorders:

  1. If your organization is placing event data recorders on vehicles, are you permitted by state statute to do so?
  2. If your organization intends to use event data recorder information, which state statute governs your use?
  3. If your organization is using event data recorder information, does the organization (or the use) fall under one of the exceptions set forth in the state statutes?
  4. What are the penalties for failing to obtain appropriate consent?
  5. If you have obtained consent, is your consent current and valid?

1. Nat'l Highway Transp. Safety Admin., U.S. DOT Proposes Broader Use of Event Data Recorders to Help Improve Vehicle Safety, (December 7, 2012), http://www.nhtsa.gov/About+NHTSA/Press+Releases/U.S.+DOT+Proposes+Broader+Use+of+Event+Data+Recorders+to+Help+Improve+Vehicle+Safety.

2. National Conference of State Legislatures, Privacy of data from Event Data Recorders: State Statutes, (June 1, 2015), http://www.ncsl.org/research/telecommunications-and-information-technology/privacy-of-data-from-event-data-recorders.aspx.

3. See, e.g., Ark. Code § 21-112-107 (2015).