Threat to Privacy Found in Auto Insurance UBI Programs

There’s a privacy risk when policyholders join an insurer’s “pay as you drive” also known as usage-based insurance, program, according to University of Denver computer scientists.

They found that collecting data on policyholder driving habits can sometimes be used to accurately infer a driver’s destination – proving a long-time concern of privacy advocates.

“With access to simple features such as driving speed and distance traveled, inferring the destinations of driving trips is possible,” they wrote in a paper published in the proceedings of the 2013 ACM Workshop on Privacy in the Electronic Society. “Privacy advocates have presumed the existence of location privacy threats in non-tracking telematics data collection practices. Our work shows that the threats are real.”

The scientists, Rinku Dewri, Prasad Annadata, Wisam Eltarjarnan and Ramakrishna Thurimella, developed an algorithm and applied it to data from 30 routine trips made in and around the Denver area. In 18 of the trips, the algorithm placed the actual destination within the top three projected destinations.

Numerous auto insurance companies offer discounts to policyholders who enroll in UBI programs. Allstate reported recently that drivers that signed up for its UBI program, Drivewise, will register more than 1 billion miles driven this month. Allstate’s usage-based insurance product is available in 22 states.

These UBI programs rely on the collection of driving habits data such as mileage, excessive speed, hard braking, and the time of day the customer is driving during a specific monitoring period. This information is analyzed to offer a customized discount to the policyholder. UBI programs generally don’t track global positioning system (GPS) locations, and thus imply an expectation of privacy that destinations are not tracked.

The scientists found a mixture of “quasi-identifiers” – driving data that can be used to infer driving routes when used in combination – that could be used to infer destinations even without GPS data. In addition to measuring driving speed and distance traveled, “quasi-identifiers” tracked traffic stops and turns. They matched this information to road maps to determine the potential destinations of a trip, and then ranked them to deduce the most likely destination.

“We argue that customer privacy expectations in non-tracking telematics need to be reset,” they said, “and new policies need to be implemented to inform customers of possible risks.”