From department of motor vehicle records to C.L.U.E. (Comprehensive Loss Underwriting Exchange), auto insurance companies can turn to massive databases to determine premium rates for their policyholders.
But the use of such data, plus other high-tech sources of information, like event data recorders and global positioning systems, is prompting consumer groups to demand more stringent regulations to ensure privacy rights.
In regard to DMV records, one recent event that caught many consumer advocates’ attention was the settlement last month between Allstate Insurance Company and the California Department of Motor Vehicles.
Allstate paid a $1 million fine and changed its computer security procedures after finding that some employees improperly accessed confidential driving records. In one instance, an employee released a confidential home address that allowed a driver involved in an accident to send a written threat to another driver.
Allstate, the second largest auto insurer in the United States, said after the settlement that it will cooperate and work with the DMV to ensure that confidential information is protected.
“We have been cooperating with the DMV to address issues up to and including reimbursing the department for the cost of the audit,” Lisa Wannamaker, a spokesperson for Allstate in Northbrook, Ill., told National Underwriter. “We took immediate actions to ensure that consumer information is properly protected. Allstate has developed and begun implementing more rigorous
information security procedures in all of its California offices.”
But Beth Givens, director of the Privacy Rights Clearinghouse, a nonprofit consumer advocacy group in San Diego, argued there could be many more similar instances of misconduct among auto insurers that people simply don’t know about.
“My guess is that illegitimate access to DMV records is more common than we might realize. There is always the temptation for people to snoop when they have access to a robust data file,” Ms. Givens said.
To keep such temptations in check, all companies with access to databases like DMV files should have an air-tight electronic audit mechanism in place, she suggested, so they can trace such access to each individual in the company and penalize anyone who searches these records illegitimately.
“And the contract really needs to be written so that auto insurance companies obtain only the minimum information they need. They should not be able to peruse the entire record. My guess, however, is that in many cases, their access is not limited to the minimum, especially with legacy systems.”
In addition to motor vehicle records, many auto insurers use C.L.U.E., a popular personal lines claims database, to assess accident histories of policyholders.
The use of this information has been criticized recently, mostly as it relates to homeowners insurance. Realtors say it can hinder their ability to sell homes, since claims inquiries and reports by homeowners go into the database, even when they don’t result in any loss payment.
But C.L.U.E. is even more widely used in auto insurance, with some 95 percent of auto insurers sending in data to Alpharetta, Ga.-based ChoicePoint, which runs the database.
Dan Kummer, director of personal lines at the Des Plaines, Ill.-based National Association of Independent Insurers, explained that C.L.U.E. got started 10 years ago. It started, he said, “because a lot of states on their motor vehicle records do not put accident information. So the insurance industry started collecting claims information, and the insurers do it on property and on auto.”
Essentially, all the insurers that belong to the system provide data to the database. “So if you are with State Farm, for example, and decide to move to Allstate, the Allstate underwriter can quickly go into the system and see what kind of claims record you had over the last few years,” Mr. Kummer said.
“It’s used to rate the insureds correctly and put them into the proper tier within the company. That’s what insurers use the C.L.U.E. system for in the auto area.”
Mr. Kummer added: “It’s just to make sure that if a person comes in off the street and says, ‘I had one accident and two violations,’ when insurers pull the motor vehicle report, they will verify the violations. When they pull the C.L.U.E. report, they will verify the accident that person had.”
Still, Ms. Givens of Privacy Rights Clearinghouse argued that C.L.U.E. is largely hidden from the American public, and that most people learn about it only after something bad happens to their insurance.
Auto insurance is certainly covered under C.L.U.E., Ms. Givens noted, and there really needs to be more thorough disclosure requirements about it when customers obtain a new policy, as well as on an annual basis. “Auto insurance customers need to be informed about the database, what it does, and how it might be used to determine their rate and ongoing coverage. I think this is a
requirement that should be in the law.”
In addition to motor vehicle records and C.L.U.E., event data recorders and global positioning system devices could be important data-gathering tools for insurers in coming years, especially if prices of such devices drop, making them more attractive to car drivers and manufacturers.
Mr. Kummer of NAII explained that event data recorders record the last few seconds prior to an accident, giving an idea of what happened at the time of a crash.
“What’s installed in a lot of high-end cars right now [are] global positioning systems, but that’s part of a bigger system internally in the car. The GPS technology, currently used by Onstar and other similar services, tells where you are. Essentially what it does is if you have an accident and if airbags are deployed, the system will call up an operator and [the operator] will check on you to see if you need assistance,” he said.
“If the car goes off the road and rolls, there are sensors that could tell something severe happened to the car. In such events, operators can send help and they will be able to identify, within a few feet, where you are actually at, even if you are off the road.”
One of the things many people don’t understand, he added, is that such systems in high-end cars monitor a lot of other parts inside the vehicle, gathering a lot of data. It could be the braking system, the airbags or seatbelts in the car–whether they were used or not. And that gives everybody a clearer picture of what was going on.
But lately, people have been talking about the privacy aspect of some of this information, Mr. Kummer noted. “Do people want all that information going out to car manufacturers and insurers? Insurers are obviously interested in getting some of that information if there are some questions about an accident.”
The NAII has been looking at the issue of whether consumers are notified that such personal information could go to General Motors or Mercedes, for instance, or third-party vendors. “Many people don’t realize it, and that’s a discussion that needs to be had, particularly with owners of high-end vehicles. They truly don’t realize all the data that is being collected.”
“Typically in an accident, in the last five seconds, systems will record a lot of information about the speed and whether seatbelts were used,” Mr. Kummer said.
Obviously, he added, the insurance industry is interested in that information to help with accident reconstructions, but there are lingering questions about whose data it is, and whether insurers would need a release from the driver.
“But basically, an insurance contract says if someone is going to be insured by a particular company, generally the person has to cooperate with that company and provide whatever data is needed.”
The actual tracking and recording of drivers’ locations using the GPS technology for insurance-related purposes is not available in current systems, because gathering and storing such information can be very expensive and impractical. An example is a pilot program put in place a few years ago by the Progressive Corporation in Mayfield Village, Ohio.
“The whole premise behind the Progressive program was if you use public transportation and take the bus to work everyday and the car sits in the garage, you are going to pay less for your auto insurance,” said Mary Beth McDade, a spokesperson for Progressive.
“We understood how GPS works and frankly, we hoped that vehicle manufacturers would put the GPS technology in their cars in a more stepped-up pace,” said Ms. McDade. In its pilot program, she explained, Progressive had to pay for retrofitting all vehicles with usage-based policies with GPS monitors, which became cumbersome and costly. The program, which started in 1998 in Texas, was discontinued in July 2001.
“We believe the idea is a good one. It’s about giving consumers control over their auto insurance rate. This is the ultimate way to control it,” she said. “We just need to work with car manufacturers on more cost-effective ways to get those devices into cars. We were really ahead of our time.”
But if the GPS tracking device in every car is Progressive’s vision, it’s a future that many consumer groups would vigorously fight against. “With auto insurance, computer tracking of cars is there on the cusp. I know Progressive has been interested in the idea for a while,” said Doug Heller, senior consumer advocate with the Santa Monica, Calif. based Foundation for Taxpayer & Consumer Rights.
“When you start installing these tracking devices in cars, you end up moving too close to a person’s privacy for customers to feel satisfied. They would feel, instead, nervous or threatened by the technology,” Mr. Heller said.
“There would be a sense that we’ve got a big brother in the passenger seat. And that’s not the kind of society we are. Whether it’s the government or a corporation, we don’t want a big brother watching our every move.”