Chelsey Colbert Discusses Trends in Mobility & Location Data


Chelsey Colbert, Policy Counsel, leads FPF’s mobility and location data portfolio. Prior to joining FPF, Chelsey was a lawyer at an international business law firm in Canada and was seconded as in-house privacy and data governance counsel to Sidewalk Labs, an Alphabet company that designs and builds urban innovations. Chelsey holds a J.D. with a major in technology law and policy from the University of Ottawa.

Can you tell us about your career and what led you to FPF?

While I was in law school, one of my professors, the late Ian Kerr, sparked my interest in AI and robotics and he has influenced my career path towards AI and robotics. After law school, I worked as in-house counsel for Sidewalk Labs while on secondment from a law firm. I’m really passionate about cutting edge technologies that blend the digital and physical worlds and there’s no better or more exciting space than mobility and smart cities for me to exercise that interest. I’m really optimistic about the potential for robots and automated vehicles to positively shape our future, particularly in terms of saving lives, increasing efficiencies, and providing humans with conveniences. At the same time, I recognize that there can be ethical and privacy harms to individuals and society through the irresponsible use of technologies. I believe there are ways to mitigate risks and reduce or eliminate harms to get as many benefits from technologies like automated vehicles and digital micromobility services, like bike- or scooter-sharing.

FPF has been a really great fit for me because I get to be deeply involved in some of the most exciting privacy and data-related challenges of our time. I enjoy getting to work with a variety of stakeholders, including government, industry, and academia.  My work at FPF presents me with a unique opportunity to help shape our mobility future to be more equitable, accessible, safe, and affordable. I believe that the multitude of mobility options – from connected and autonomous vehicles (CAVs) to e-scooters to delivery robots – present many benefits and implications for society. My portfolio at FPF covers the entire range of privacy and data topics in the mobility space, and it’s rare to have a day go by where there isn’t something newsworthy coming out.

What attracted you to working on aspects of law related to AI, privacy, and mobility?

AI and privacy as a field is both niche and extremely broad. Some of the reasons why I’ve become interested in AI and privacy with respect to mobility specifically are that the technical and regulatory challenges of autonomous vehicles are fascinating and raise a lot of questions related to privacy and data protection. I’ve also found that mobility data is quite varied in nature and, because of that, raises really complex and contextual privacy challenges. The mobility ecosystem requires collaboration and input from the various levels of government, communities, companies, and international partners. Working with such a wide variety of stakeholders has been a highlight of my time at FPF.

What are the hot-button issues that you’re working on related to mobility?

Currently, I’m working with FPF stakeholders on a report that will outline privacy-by-design goalposts for connected and autonomous vehicles. The report will take a deep dive into connected and autonomous vehicle technologies that are essential for the safe development of these cars, including optical sensors, computer vision, and geolocation and HD mapping. I believe that just as safety and security should be built into the design of cars, so should privacy.

Mobility data sharing is another fascinating and dynamic area. One example is the sharing of micromobility data between companies and cities through the Mobility Data Specification (MDS). MDS is a set of open-source APIs that allows the data from a vehicle to be shared – almost in real-time – with city governments, typically the DOT. A big part of my work in this space is understanding the privacy implications of types of mobility data, which often includes personal data and location data. There are interesting questions about the temporal nature of mobility data, whether mobility data can be used to identify individuals, and the sharing of data between the private sector and the public sector, where each sector often has different obligations and responsibilities. Another fascinating development is the Right to Repair movement, which illustrates the potential conflicts of access to and control over vehicle data.

What mobility trends will we all be talking about in the next couple of years?

We’re seeing increased interest in the space from regulators across the globe, particularly in the larger markets. Regulators are concerned about safety regulations and standards. In the United States, for example, the National Highway Traffic Safety Administration recently announced an online, centralized platform for cities and companies to voluntarily post updates about their automated vehicle testing. After stalling in 2017, the SELF DRIVE Act was recently reintroduced, which would create a federal framework for the regulation of autonomous vehicles (AVs) and includes a section on privacy policies. We may see this or a new AV bill become law in 2021 and this will have implications for privacy and data protection.

There is also a lot of policy and legislative action in state and local governments in terms of mobility data sharing, access to mobility data, and general privacy laws that impact CAVs. Also, in Europe, the European Data Protection Board is expected to intensify its work in this area and recently released draft guidelines on connected cars. We’re also seeing advanced driver-assisted technologies and driver monitoring systems become required in car safety regulations and standards, which has implications for privacy and data protection. Regulations and standards are important from a technical perspective, because safety standards often drive the development of new technology. When manufacturers develop the technology to reach those standards, it’s important that companies (and governments) implement privacy by design in the technologies and in their organizational practices.

The volume of data coming from connected cars and other forms of mobility will increase, as will its value. There will be more opportunities to monetize this data, but it’s a really complex ecosystem with many players, all of which need to be strategic and thoughtful about privacy. We’re seeing the industry continue to move away from siloed operations, toward more collaboration, consolidation, and partnership in the mobility space as stakeholders – including car manufacturers, mapping companies, driverless technology companies and others – recognize the importance of collaboration to unlock the full potential of mobility data. This all makes for a really complex ecosystem, which means there is a lot for businesses, consumers, and policymakers to navigate. Some of the data is relatively benign from a privacy perspective, while other data is very sensitive, and some data could become personal and sensitive depending on the context, such as location data. Companies and governments collecting mobility data must ensure that their staff have a deep understanding of the privacy implications of new technologies and data types. Privacy-by-design and a cross-functional approach are some of the best ways to address these complex, multifaceted privacy issues.

I’m also expecting to see more public-private partnerships in this space. The private sector and all levels of government must have a relationship with each other to ensure that there is a constructive dialogue on privacy, safety, and technical standards. Municipal governments are an important part of the ecosystem, in addition to state and federal governments. Mobility data provides many social and monetary benefits and can also be used or misused in ways that have unintended harmful consequences for individuals and society. Companies and governments using and benefitting from mobility data should both be held to higher standards of privacy and data protection. The public should also have a voice in the policymaking and innovation process. Better transparency about how technology is being developed and the mitigation efforts to reduce harms could help improve consumer trust and the adoption of newer technologies such as delivery robots and automated driving features.

I expect the next several years in mobility law and policy to be very interesting and challenging. I consider myself to be very lucky to work in such a dynamic area of technology law and policy and am hopeful for a future with more (human friendly) robots in it.