The dawn of a new day brings another gadget onboard the automobile. Behold the Black Box, or, more accurately, the automotive event data recorder (EDR)—a nondescript piece of technology that spends most of its functional life waiting for an electronic wakeup call from a car’s airbag safety system to fulfill its mission.
Its anonymous cladding, though, obscures a controversy. This little piece of technology recently has been troubling consumers, the courts, insurance carriers, lawyers and regulators. Even while it promises answers to automotive claims, it’s also triggering questions about judicial admissibility, insurance coverage, privacy rights, regulatory concerns and technological capabilities. Many of the questions can be answered with a better understanding of the technology and its implications, while others will be resolved over time as the EDR technology matures.
As a frontline representative for your carrier, you’re not only a consumer concerned with the personal ramifications of the technology, but you must present your company’s perspective as well. Here we’ll take a look from both sides.
Ever since George Orwell released his classic novel 1984 in which he described a totalitarian society where it was announced that “Big Brother is Watching You,” people have been leery about losing control of their privacy. The big question is: Can the EDR spy on me as I drive? No. The EDR is a data-gathering module located in your car’s airbag control system that is designed to collect specific data in case of deployment—no microphones, no cameras. The EDR is unlike OnStar by GM or similar products that have communications, in-vehicle security, GPS and remote diagnostics capabilities. Their satellite and real-time monitoring make them more vulnerable to questions of privacy invasion than the EDR.
When airbags don’t function as designed, automakers become liable for the injuries sustained by drivers and passengers. The EDR was developed to collect operational information about airbags so performance could be improved. It was a very short jump then to apply the technology to the needs of regulatory agencies like the National Highway Transportation Safety Administration (NHTSA) which require real-world crash statistics for highway safety research. Then, add accident investigators, attorneys and insurance carriers who want access to accident data for their own purposes, and suddenly the EDR becomes a child caught in a custody battle among groups with conflicting needs and interests.
The result is that the EDR is now being re-engineered by the NHTSA and other interested parties to meet operational and reporting standards for a broader audience—although these parameters will apply only to automakers who install EDR modules in their airbag systems, with voluntary compliance set for 2010. To be clear, not all cars have EDR modules in their airbag control systems—the NHTSA estimates 64% of model year 2005 have some EDR capability. Those numbers certainly will increase over time, but at this point it is an automaker’s decision whether or not to install EDR.
What is the EDR?
The EDR is a box of circuitry attached to the airbag module that will collect operational information if the airbag deploys. An important detail: there are crashes and near crashes in airbag lingo. The airbag deployment module activates when it suspects an accident is in the offing, and that is known as a “near crash.” The system is ready to react, but the airbag does not deploy. The EDR will store near-crash data until it’s overwritten by another near-crash or crash event. It’s the crash event that is significant here—that’s the data accident investigators will harvest.
What turns on the airbag deployment system? Sudden changes in speed. When rapid accelerations or decelerations occur, the EDR system wakes up and does two things. First, the EDR takes the data it has been sampling every second and saves the last five seconds of it. This data includes vehicle speed and engine RPM, and also may include seatbelt buckling, brake application, shifter position, cruise control settings, and throttle setting. Secondly, the EDR records the subsequent rapid changes in vehicle speed which describe the behavior of the vehicle during the collision. This second type of data sampling may occur for a fixed amount of time, or it may continue until the system determines that the action has ended.
How is data collected?
If the vehicle has an EDR, then its crash data can be downloaded by using a Crash Data Retrieval (CDR) interface. The only commercially available system comes from Vetronix Inc., a wholly owned subsidiary of Robert Bosch GmBH, and licensed by General Motors (GM), Ford and Chrysler. Some joint venture vehicle lines like Isuzu (GM) and Volvo (Ford) also are compatible, but it’s important to know that, even with these automakers, not all models can be accessed through the Vetronix CDR. EDR access for all other automaker models must be initiated through the manufacturers, although they’ll now have to facilitate CDR access under the NHTSA rule. Most importantly, CDR downloads are best performed by those trained to operate the interfaces—this could be the automaker, law enforcement personnel, or auto accident investigators.
More on the EDR
With the EDR, there are several key points to keep in mind. Tampering with airbag sensors or attempting to remove the EDR can imperil safe operation of the airbags and related safety systems, nullify warranties, and abrogate NHTSA safety standards, and should be avoided at all costs. All the EDR matters should be handled by trained personnel.
At present there are no guarantees for airbag EDR data accuracy and completeness, and there are operational and structural issues that hamper the technology. For example, automotive black boxes aren’t as resilient as their aviation cousins—those can withstand concussion, freezing temperatures, infernos and submersion. Airbag EDRs experience glitches, spotty recording and other challenges, especially as automakers adjust the technology to suit regulators. As a result, the data retrieved from an EDR download is best used as an adjunct to a thorough accident investigation, and virtually never as stand-alone testimony as to facts. Certainly, the data may corroborate claimant statements, but then again, when the issues in question are gray rather than black and white, it is crucial that the evidence be as accurate and as indisputable as possible. The EDR is getting there, but it hasn’t arrived yet. Thus, the analysis and interpretation of the data is best left to skilled automotive accident investigators who are aware of the EDR’s limitations and are schooled in broader analytics.
The airbag EDR is only one example of a vehicular data-gathering module. Today’s automobiles, especially luxury cars, are networks on wheels—newer models average 17 microprocessors on board. However, current media attention and regulatory action are directed mainly to the EDR modules embedded in airbag safety systems.
Consumer vs. Carrier
Those who investigate vehicular accidents tend to shrug their shoulders about the fears of privacy invasion. To them, EDR data is akin to any other piece of objective evidence picked up at an accident scene. Law enforcement personnel usually check the brake lights, seatbelts, tire pressures, turn indicators and more of the affected vehicles at accident scenes. If they are trained and equipped with a CDR, and the vehicle has an accessible and undamaged system, then they’ll download the data, typically with the permission of the vehicle owner. In their world, EDR data is evidence to collect, nothing more.
Things get a little more complicated for consumers. There’s something uncomfortable about the chance of being unfairly condemned by a technology deemed infallible. Plus, consumers wonder why they don’t get a choice in the matter of the placement of EDRs in their cars. The EDR is not 100% accurate and data can be misinterpreted, but consumers typically don’t have the know-how to question its veracity. Thus, fear of a loss of control stimulates the issue of EDR privacy invasion and has typically been the impetus for state and regulatory action about EDR data ownership. Ultimately, the privacy issue boils down to questions of consent: Do you know if your car has an EDR and do you consent to a data download after an accident?
The EDR perspective is a little different for insurance carriers. Its data can deliver certainty to the resolution of some automotive claims. For example, in a fatal accident on an empty nighttime road, the data from a download can reveal facts when there are no witnesses. That’s an extreme example, but evidence that adds clarity is invaluable to those who calculate exposures: absolute answers protect reserves. At least for carriers, the privacy issue associated with data ownership dissipates when carriers assume the ownership rights of totaled vehicles. On the downside, though, ownership of totaled vehicles, as well as complex automotive litigation incorporating EDR data, can expose the carrier to new types of risk. Should the carrier download EDR data as a routine measure, and should the carrier remove and store all EDR modules under its control as a matter of policy? Evidence spoliation risk and a new cost stream associated with long-term storage are unforeseen consequences of harnessing a new technology for automotive claims resolution.
EDRs & The Court
Courts are currently admitting EDR data into proceedings, and appellate courts are upholding its use as well across the U.S. So far, the preponderant users of the data are automakers and criminal courts. Both are tech-savvy about the EDR and know how to use the information in the courtroom—automakers design and build them and law-enforcement personnel are trained in crash data retrieval. This skewed usage should even out as more parties become familiar with the technology and so, too, will the balance of civil to criminal actions using EDR data as evidence.
Invasion of Privacy Protection
Privacy protection has been a hot button EDR issue for state legislatures and has also affected the EDR strategy of federal agencies with transportation oversight. As of early 2008, twelve state legislatures have passed some form of EDR legislation. A leader in privacy-rights protection, California addresses the EDR’s privacy implications by requiring automakers to disclose to new-car buyers the presence of an EDR in occupant protection systems, and to prohibit the downloading of the data without car-owner consent. Other states restrict regulatory focus to a single EDR issue like disclosure or EDR access. At the national level, the August 2006 EDR rule published by the NHTSA requires automakers to disclose the presence of an EDR to car buyers, starting with model year 2011 cars. And, when the NHTSA and others use EDR data for research purposes, the derived data is purged of all identifiers for the sake of privacy.
The consumer mantra for the EDR is that the owner of the car owns the data. Although that works well enough for now in most states, especially with federal support from the NHTSA and the Federal Highway Administration, that perspective may face challenges as EDR use expands.
Peter R. Thom is principal of Peter R. Thom & Associates Inc., a national firm of consulting automotive engineers. Contributor Ryan Devine is a managing engineer at Peter R. Thom & Associates Inc.