CerebrumX Labs, which describes itself as an artificial intelligence (AI)-driven automotive data services and product provider, uses “a highly secure, AI-based Augmented Deep Learning Platform (ADLP)” and, so far, has collected more than 100 million miles of data from vehicles. The data collected, with consent from automakers and drivers, includes personally identifiable information (PII) but what does “consent,” in this case, mean?

Companies and unauthorized third parties collecting and/or selling data that many users may think is private is now commonplace not only in the automotive and collision repair space but in just about any cloud-connected or online-based service.

Collision repair shops and consumers need to be aware of what’s collected and how to ensure their data is safe. It’s been previously suggested by the Society of Collision Repair Specialists (SCRS), the Database Enhancement Gateway (DEG), and Mike Anderson’s Collision Advice for shops to get authorization from their customers to reset or clear PII data for total loss vehicles or vehicles they intend to sell and have them sign a release to avoid any liability associated with the procedure.

A new data privacy concern regarding scan tool end-user license agreements (EULAs) was brought to the attention of the collision repair industry earlier this month during the Collision Industry Conference (CIC)’s meeting in Richmond, Virginia. An Autel Technology Corp. EULA states a broad array of customer data can be collected from its diagnostic scan tools can be shared, and governed by the People’s Republic of China.

CerebrumX CEO and co-founder Sandip Ranjhan told Repairer Driven News there are multiple levels of consent that end users agree to beginning with consent to collect from the company’s partners, including OEMs, media companies, insurers, fleet companies, and smart cities/municipalities. Then, the user must give consent for the data to be shared with