Privacy Protection (5)
Description:
Privacy has always been and will remain a major concern of residents of any state considering a RUC program. To succeed, a RUC program needs a blend of technical, operational, and legal measures to ensure privacy. This building block addresses those concerns and explains how to create those measures.
Details:
To ensure privacy protection, the following measures should be considered for inclusion in RUC legislation:
- Impose upon the holder of RUC data the duty to protect this data from disclosure to third parties.
- Do not allow RUC data to be used for any purpose other than the collection of RUC, and do not allow RUC data to be sold or transmitted to any third party without the vehicle owner’s consent.
- Guarantee the destruction (not just the deletion) of sensitive RUC data—such as location data—after the statutory deadline for audit has passed, except in cases of dispute or audit, or if the vehicle owner chooses longer data storage.
- Ensure that RUC data are not subject to public records requests.
- Establish rights for the RUC payer, including the right to inquire and examine personal information, the right to rectify errors or inaccuracies, the right to the erasure of location and metered use data that are no longer needed, and the right to effective judicial remedy.
RUC legislation should include technical/operational measures to ensure privacy rights and should include, at a minimum, the following measures:
- Ensure that there is no requirement for vehicle owners to provide location data by offering mileage reporting choices. If a user chooses a mileage reporting option that includes the collection of location data, legislation should require these data to be stored and aggregated by the private sector.
- Require private sector vendors to have a user agreement that repeats all legal rights, with the option to add additional protections. Vehicle owners could have the option to allow vendors to retain their data longer than the required data destruction time period and to receive certain value-added services that could be created from this data. However, opting into this should be voluntary, and the data should not be used for other purposes.
- Require all involved private and public entities to institute rigorous cybersecurity measures.
- Remember that interstate commercial motor vehicle operations participating in the International Fuel Tax Agreement and the International Registration Plan are already subject to mileage reporting requirements. The state should consider whether heavy-duty and medium-duty vehicles should be subject to similar mileage reporting requirements for a RUC program.
Primary Use:
Address privacy concerns so policy development and legislation can progress.
Best Practices/Lessons Learned:
Include options for users to report their mileage that do not require location-based data. Many individuals and groups are strongly opposed to the use of such data.
State Government Context and Assumptions:
Jurisdictions may or may not have a privacy law, but legal privacy protections may still need enhancement for RUC. Experienced law and policy development specialists should do this work.