Summary: S.680 — 115th Congress (2017-2018)All Information (Except Text)

There is one summary for S.680. Bill summaries are authored by CRS.

Shown Here:
Introduced in Senate (03/21/2017)

Security and Privacy in Your Car Act of 2017 or the SPY Car Act of 2017

This bill directs the National Highway Traffic Safety Administration (NHTSA) to conduct a rulemaking to issue motor vehicle cybersecurity regulations that require motor vehicles manufactured for sale in the United States to protect against unauthorized access to: (1) electronic controls or driving data, including information about the vehicle's location, speed, owner, driver, or passengers; or (2) driving data collected by electronic systems built into a vehicle while that data is stored onboard the vehicle, in transit from the vehicle to another location, or subsequently stored or used off-board the vehicle. The regulations must require vehicles with accessible data or control signals to be capable of detecting, reporting, and stopping attempts to intercept such driving data or control the vehicle.

A violator is liable to the U.S. government for a civil penalty of up to $5,000 for each violation.

NHTSA must also conduct a rulemaking to require the fuel economy labeling that manufacturers attach to motor vehicles to display a "cyber dashboard" with a standardized graphic to inform consumers about the extent to which the vehicle protects individuals' cybersecurity and privacy beyond the minimum requirements.

The Federal Trade Commission is required to conduct a rulemaking to: (1) require motor vehicles to notify owners or lessees about the collection, transmission, retention, and use of driving data; (2) provide owners or lessees with the option to terminate such data collection and retention (except onboard safety systems required for post-incident investigations, emissions, crash avoidance, and other regulatory compliance programs) without losing navigation tools or other features; and (3) prohibit manufacturers from using collected information for advertising or marketing purposes without the owner's or lessee's consent. Violations are to be treated as unfair or deceptive acts or practices under the Federal Trade Commission Act.