There was a brief mention of this technology at the Crypto conference. I provided some pointers in a comment to an Ed Felten blog entry at http://www.freedom-to-tinker.com/archives/000677.html#comments (scroll down to the 3rd comment). Dan Boneh et al presented a proposal for a group signature scheme so that the data collected would not be personally identifiable. The problem is that the data needs to be authenticated, otherwise rogue transmitters could send false data and perhaps cause traffic flow problems or even serious accidents. So they want to use some cryptographic method. Putting a common key in the whole system would make it too easy for rogues to get access to, would be unrevocable, and we are back to the rogue transmitter problem. Using individual certified keys is the default solution but has privacy problems: everyone would be constantly transmitting a cryptographically verifiable record of their driving patterns, speed, lane changing and who knows what else. With the group signature, everybody has a unique key but their transmissions are not bound to that key. And if a key gets scraped out and goes rogue, it can be revoked. This is supposed to provide flexibility, authentication, and privacy. In practice I am skeptical that society will choose to protect privacy at the expense of security. One optional feature of group signatures is a trusted party who can penetrate the anonymity and learn the identity of the author of a particular message. I suspect that any vehicle based embedded communications system will retain that capability, a sort of "license plate" in the virtual realm. The ability to track the paths of bank robbers and terrorists would be too inviting for society to give up, especially if the data is only available to government agents. Hal