House Republicans are working on legislation that aims to make cars and trucks more secure from hackers. But federal regulators warned at a hearing Wednesday that the bill could have the exact opposite effect.
“The proposed legislation, as drafted, could substantially weaken the security and privacy protections that consumers have today,” testified Maneesha Mithal, the head of the Federal Trade Commission’s Division of Privacy and Identity Protection.
Internet-connected cars can provide exciting new features for drivers, but they can also be susceptible to cyberattacks. Fiat Chrysler had to recall more than a million vehicles earlier this year after the company discovered a software flaw that could allow hackers to gain remote control over the engine and steering. Privacy advocates have also expressed alarm about the amount of personal information that car companies can collect.
A draft bill released last week by the Republican leaders of the House Energy and Commerce Committee aims to improve vehicle security and give consumers more control over their personal information. The bill would direct the National Highway Traffic Safety Administration to create an advisory council to craft cybersecurity standards for car companies. Anyone who accesses a car’s electronic systems “without authorization” could face a $100,000 fine under the legislation. And the bill would require car companies to create privacy policies and file them with the Transportation Department.