The ITS Joint Program Office-through the Professional Capacity Building Program (ITS PCB), the FHWA Office of Operations, and training partners-provides opportunities to learn about existing and emerging ITS technologies. Most training courses are free to public sector agencies.
Connected Vehicle Pilot Privacy Frequent Asked Questions
Is the vehicle license plate, VIN number, or other identification of individual vehicle needed?
No. The Basic Safety Message does not require any type of vehicle identification unique to a drive or specific vehicle.
What are the differences between Privacy and Anonymity?
Privacy is defined as a state of being away from people.
Anonymity is defined as the Quality or State of being unknown to people.
When we directly observe another vehicle, we are able to observe its location, movement, color, make, and possibility model. These are information that is potentially identifiable information. The passenger and driver are not anonymous, but cannot be identified without other information. Vehicles equipped with connected vehicle technologies are still required to display a valid license plate.
Can someone be tracked using the Basic Safety Message?
The Basic Safety Message will allow a vehicle be tracked for a limited amount of time. The message itself does not contain personally identifiable information about the occupant, driver, or vehicle owner. This is similar to scanning for Bluetooth Mac Address in a public space. Unless there are another source of information accidentally released by the owner of the cell phone, the Bluetooth scan will not reveal any information about the owner of the device.
The level of privacy protection is equivalent to what someone traveling in public can expect. The design is meant to deliver a level of privacy equal to what an observer can obtain standing by the road watching vehicles pass by.
Information compiled from independent sources leads to loss of privacy, despite protection of anonymity. Best to limit needed info element in system.
When traveling in public space there is no reasonable expectation of anonymity. The Design for Privacy concept in Connected Vehicle is not designed to deliver anonymity. The risk of combining independent data to expose PII is already an issue with cell phone location and social media. How big of a problem this will be is something the CV Pilot Sites could offer additional data to assess if and how CV data changes current risk profile.
Does the Probe Data Message require some kind of car identification to make it work?
No. Probe Data Message described in SAE J2735 do not require or depend on any unique vehicle identification.
How are Probe Data information handled?
Probe data are collected when there is a detected change in roadway conditions
Probe data are collected beginning from a start event
The length of each segment is limited to a duration of 120 seconds or a distance of 1000 meters, whichever comes first.
Each probe data segment is separated by a random time and space to increase the probability of connecting the segments
Each probe data segment can be separated by 50 to 250 meters
Each probe data segment can be separated by 3 to 13 seconds
Whichever condition is first met will be used by the vehicle to separate probe data segments.
Are there sample data available?
Yes. Sample Basic Safety Message data collected from the Safety Pilot in Ann Arbor
Safety Pilot data was collected to evaluate safety, mobility, and environmental benefits only.
SCMS certificates were not available when the Safety Pilot was operating and this is reflected in the available data.
Are data being minimized?
The Basic Safety Message content and data rate is based on the best information from early test and simulation to achieve three goals
Significant reduction in collision
Significant improvement in mobility
Measureable reduction in emission
Based on what we currently know, the Basic Safety Message contains the minimum amount of information needed to deliver these goals.