jaco2k
Closed beta tester
AWD FTW!
Posts: 63
|
Post by jaco2k on Nov 1, 2021 15:56:35 GMT
Let's also consider one thing more - They should be able to prove that the changes made to coding have caused an actual fault
|
|
|
Post by dv52 (Australia) on Nov 2, 2021 11:38:05 GMT
I am well aware that there are announcements for SFD and we are setting up the support and help pages in the next days. Still, sharing details is discouraged. Regarding SFD and warranty: There is no interface for workshops to get details on the SFD history, so the workshops themselves can not decline any warranty. Still, when it comes to a detail decision directly from VW, they can surely access a more in depth history of the car. How they decide in the future... No idea! newty : It's good to read that OBD11 will set-up a more in-depth support facility for the SFD solution - I hope that it answers my questions
As for your response about "workshops getting details of SFD history" - I had absolutely no doubt that this wouldn't happen via OBD11 because there is no commercial relationship between the parties. This wasn't my point - my question (which was rhetoric) was about what part (if any) of the data-stream that OBD11 sends to VW AG -will be subsequently available to dealers and workshops. As I have said, this was a rhetoric question, it's certainly not a question that OBD11 can answer - nevertheless, it is a matter of pivotal interest to users of the SFD solution).
Of course, this assumes that there is a SFD data-stream that is sent to VW AG by OBD11- as I have said, all that is currently in the public domain is a fairly vague statement about the need to create an identity list of those registering for SFD authorizations as a mandatory part of the agreement with Volkswagen AG. It would be reasonable for OBD11 users to expect that the new support and help pages will add flesh to this skeletal statement - not to disclose sensitive commercial aspects of the agreement, but to explain to users what happens to this mandatory list (which contains their identity) and what other information (like parts of the user History files - maybe) are also sent to VW AG (if indeed any information is sent by OBD11 to VW AG). The need to do this is entirely consistent with the terms of OBD11's privacy statement as published.
Don
|
|
|
Post by dv52 (Australia) on Nov 2, 2021 12:08:34 GMT
Let's also consider one thing more - They should be able to prove that the changes made to coding have caused an actual fault jaco2k : With the greatest respect and with no offense intended - not really?
Of course there will be many instances where there is absolutely no question (at all) that changes made to coding have NOT caused an actual fault in a warranty claim. There will also be cases where both VW and the car owner will agree that the coding changes DID cause the fault. These instances of common agreement between the car manufacturer and an OBD11 user will be of no consequence and everyone will be happy!!
However, it is naive in the extreme to believe that that VW can always, or should always be able to prove to the satisfaction of an OBD11 user cause-and-effect in warranty claims. Even without SFD, there are already countless cases where the car manufacturer questions the bone-fides of warranty claims by owners.
We have yet to see how VW having access to the new SFD data-stream (if indeed OBD11 sends this data-stream) will affect warranty claims. But if anyone believes that tilting the data balance in favor of the car manufacturer helps an OBD11 user when making a warranty claim, then I suggest that they re-think what is real in commercial negotiations!!
I'm not suggesting that OBD11 users should not be accountable for their coding changes and that the car manufacturer should be denied access to data about these coding changes - I'm simply pointing-out that the information balance in negotiations about warranty claims changes dramatically with my understanding of the SFD solution (in favor of the car manufacturer)
I'm also pointing-out that the new SFD data-stream almost certainly will contain a very precise digital trail of OBD11 user actions - so the SFD solution definitely does NOT mean business as usual! Without wanting to over dramatize the situation, a very small part of George Orwell's dystopian world is here!!
Bottom line= consider very carefully what changes you make to SFD modules - because Big Brother is watching (and no, I don't believe in conspiracy theories)
Don
|
|
|
Post by newty on Nov 3, 2021 10:41:56 GMT
I am with you that data collection and transfer is problematic.
Lets have a quick look at the history of data collection in the VAG company. I am speaking for Europe here, so other markets will have different mechanisms. Non SFD: * Every control unit saves data about its coding and adaptions. Mostly, this is limited to workshop ids and a date/timestamp for this. This also applies to parameters and software downloads, but that is not an OBD11 related thing. * VW is keeping an exact car's history in their system. Authorized workshops have to document all works in there, let it be warranty works, maintenance and accident repairs and their estimations. * ODIS can scan a whole car in less than 3 minutes. In that short time, all codings and adaptions are read out. Wouldn't it be easy to compare that to the SVM and document any changes. => VW could always track coding changes, even when you are recoding everything to factory before going to the workshop, there are timestamps showing there is something off
Now what is extra with SFD? * The original SFD backend processes the following information: GeKo ID, VIN and request code and request depth (there are several access types). It will likely save any request with a timestamp. * I will assume they do not expand their system to carry more information since or for OBD11, so they have the information "an OBD11 user requested a token for VIN VWVZZZCDZPW000001" in their system. => What does this change for warranty claims? Not much, besides having actual evidence besides traces in the control units. Is this non-temperable or fool proof? Never. The request does not contain any validity against the vin. One typo in the VIN in the manual request and you getting a non working token for a different car.
=> If VW is interested in declining warranty because of non-authroized coding changes, they would already do that. But lets be honest what that would mean in real life. Assuming I broke my ABS by coding (could happen) and now it is unrecoverable, still unter warranty. Of course the workshop will ask for a replacement and will exchange it. I am a valued customer and there is no indication for them that I screwed something up myself. I will drive off in 48 hours with a warranty replaced control unit. Warranty claims are done very specific here: The workshop buys exchange parts from VW for warranty replacements the same way they buy normal spares and replacements, but with the note "warranty replacement" - not questions asked, as OTLG is a different company than the manufacturing. The send the faulty parts back in and get a refund. They also invoice their work to VW. The part gets inspected and they come to the conclusion: Coding broke it! Now there are two options: Pressuring the workshop to bill the customer and not pay the workshop weeks after the work is done. Highly unlikely and - to be honest - unfair. Or VAG is billing them to the customer directly. But do they have a valid repair order? No. Do they even have the customer's data? Likely not. How to invoice that?
Both things are problematic, and fighting a lawsuit with unclear outcome is not something anybody wants in this business. Also we need to consider that only a little portion of customers are actually coding, even less are trying things out and break something inside warranty.
Of course, OBD11s database valuable information which should be protected, so in my eyes, nothing is changed. And yet, I see no interface to VAG directly access it.
|
|
|
Post by dv52 (Australia) on Nov 3, 2021 22:28:20 GMT
newty : First, my thanks for your reply - I appreciate you taking the time to write down your thoughts (very interesting indeed).
So, as I read your response, you are really saying that nothing much changes with the new SFD protocols in respect of warranty claims.
Hmm........ I'm more than a tad surprised!!
As we will both agree, Volkswagen AG in Wolfsburg is a multinational conglomerate. It's a business of epic size and like all commercial enterprises, its over-riding objective is return-on-shareholder-investment. Or said another way - financial profit is the blood that runs through VW AG's corporate veins. Ain't nothing wrong with a company having a focus on profit - it's absolutely normal and it's undeniable!
My point in highlighting Volkswagen AG's commercial profit motive is to provide a context for the belief that nothing much changes to warranty claims with the new SFD protocols.
So- here's the thing that I can't understand: Why is a company like Volkswagen AG willing to decrease its profit by spending money to develop the new SFD protocols and why would it incur the huge cost of implementing the necessary world-wide infrastructure for SFD - if didn't change stuff like warranty claims? After all, if the whole point of SFD isn't about warranty claims - what's it for? And if SFD doesn't change how VW AG handles warranty claims - then why incur the corporate expense?
I certainly mean no offense - but the concept of business as normal for SFD infected cars just doesn't make sense to me (it's illogical)!!
Don
|
|
gio
Closed beta tester
Posts: 19
|
Post by gio on Nov 5, 2021 20:42:58 GMT
newty I don’t think VW would send a replacement unit without first checking in their database if the faulty unit has been coded or not. So, maybe they will not send the new unit at all stating that it has been the customer’s bad behavior to damage it! My 2 cents
|
|
|
Post by newty on Nov 5, 2021 21:57:44 GMT
Keep your change! They do exchange it, trust me. I had a definitely coded discover pro exchanged over night. The primary goal is to get the customer back on the road as fast as possible. Let us talk about how many cars are coding at all? Way less than 5%. And how many are under warranty and coded? I would assume less than 1%. And how many are coded in a fashion that anything could be damaged? Even way less! That is nothing to worry about...
|
|
|
Post by whataboutthis on Nov 6, 2021 9:44:11 GMT
29. When using the Mobile Application and OBDevelen hardware to connect to the SFD (Schutz Fahrzeug Diagnose / Vehicle Diagnostic Protection) service, you must comply with the following rules:
- the SFD service is only allowed to be used as part of the actions required for the repair (purpose limitation);
4. Manufacturer of supported vehicles
After each connection to the control unit, protected by SFD (Schutz Fahrzeug Diagnose / Vehicle Diagnostic Protection), some of your data (the pseudonymised user ID (name), pseudonymised workshop ID (if applicable), country and or the vehicle VIN code) will be transferred to the Volkswagen Group, which will analyse your actions.
If the Volkswagen Group detects violations of security requirements or other non-compliances and submits a request to us, we will also transfer to the Volkswagen Group and/ or investigative authorities your other personal data – full name, address, e-mail, telephone number and workshop ID and address (if applicable).
|
|
|
Post by dv52 (Australia) on Nov 6, 2021 20:49:20 GMT
whataboutthis : EXACTLY!!! And this from point "32" of the T's and C's - The use of functions of the Application may void the warranty applicable to the vehicle, its separate parts and systems, and accordingly you should contact vehicle manufacturer’s representatives for validity of warranty terms. We do not advise using functions of the Application if you do not have special knowledge of programming (coding) of a vehicle.
It's anyone's guess what is meant by "special knowledge"(it's not a defined term in the document) - but there can be absolutely no dispute for anyone reading the sub-clause above that the SFD solution is NOT intended to be used by all-and-sundry in the same way as the normal OBD11 App.
So, a very proper statement from VOLTAS IT clearly advising that widespread use of the SFD solution is NOT recommended
As an interesting aside, it's arguable that the unspecified meaning of "special knowledge" has already been been defined: OBD11 is currently Beta testing their SFD solution and users have been accepted into this program. I'm not sure how users were selected, but I assume that the same advice in my extract above was provided to those participating in the Beta testing program. So, in a real practical sense, OBD11 may well have (inadvertently?) provided their own definition to this term through the acceptance of users onto the test program - maybe?
And in respect to your extract from the privacy statement
The mention of Pseudonymous data may lessen user concern because it can go some way to protecting user identity, but users should not be foolish in believing that this is the same as "anonymize data". The two decryption techniques are similar in that they both mask the personal data that makes it possible to link information to an individual. However, the key difference here is that pseudonymised data can be reversed
According to the privacy statement, the reversal of the pseudonymised data will happen:
- If the Volkswagen Group detects violations of security requirements or other non-compliances and submits a request to us, we will also transfer to the Volkswagen Group and/ or investigative authorities your other personal data – full name, address, e-mail, telephone number and workshop ID and address (if applicable).
But what does this actually mean in practice? It can mean at one extreme, every time any OBD11 user makes any change to a SFD module, and at the other extreme, never!! The decision as to where on this continuum an individual's identity will be disclosed is entirely in the hands of Volkswagen (yes, the same multinational conglomerate that was recently in the world-news for all the wrong reasons)
Without any more explanation in the public domain - the normal user protections from pseudonymised data really don't mean much- IMHO, of course
Again, my advice to anyone thinking of making changes to SFD modules - proceed VERY carefully until much more is known about the consequences!!
Don
|
|
|
Post by whataboutthis on Nov 8, 2021 23:50:14 GMT
With my suspicious mind the following is from obd11 privacy policy
4. Manufacturer of supported vehicles
After each connection to the control unit, protected by SFD (Schutz Fahrzeug Diagnose / Vehicle Diagnostic Protection), some of your data
(the pseudonymised user ID (name),
pseudonymised workshop ID (if applicable),
country and
or the vehicle VIN code)
will be transferred to the Volkswagen Group, which will analyse your actions.
but this from vw policy document - Attached
The SFD IT backend centrally manages all accesses and logs them for later verification. Together with your pseudonymised user ID and
your IP address,
the VIN,
the vehicle make,
the diagnostic address and
the control unit ID
are stored from the customer vehicle.
Furthermore, the time stamp of the service request is stored.
In the event of misuse, it is thus possible to determine who made the changes to the control unit. During the use of SFD, various data about you may be stored and processed. During a service call, the following data (hereinafter referred to as service call data) is transmitted to the SFD IT backend and stored there: - pseudonymised user ID - pseudonymised workshop ID - country - IP address
Don't understand the difference of VW Document at the start and then at service request but in any event it looks like IP details are shared, I wonder if that is user iP Address or OBD11,
|
|
|
Post by dv52 (Australia) on Nov 9, 2021 23:24:22 GMT
Don't understand the difference of VW Document at the start and then at service request but in any event it looks like IP details are shared, I wonder if that is user iP Address or OBD11,
Very interesting indeed - thanks for providing the documentation!!
I don't have an answer to your question, but my reading of the translation in English further reinforces my concerns - and my caution that OBD11 users should proceed VERY carefully!!
There are simply too many unknowns at this time- and what is in the public domain is troubling!!
Don
|
|
|
Post by whataboutthis on Nov 10, 2021 9:41:49 GMT
Don was not looking for answer just got the documentation so sharing.
Hopefully when the new release comes out on Thursday there will be a bit more information
|
|
|
Post by whataboutthis on Nov 24, 2021 16:45:49 GMT
Update on the SFD Stuff.
Firstly I have had confirmation that they do not share IP Addresses which to be honest was a pointless bit of data due to the freely available VPN services.
Secondly OBD11 Have today updated the Terms and Conditions now to exclude the 20 requests per tool manufacturer per second which as its a VW control makes sense.
But the the SFD service is only allowed to be used as part of the actions required for the repair (purpose limitation); is still there and if you look at the Lithuanian version it shows. SFD paslaugą naudoti tik tiek, kiek ji yra būtina automobilio taisymui (tikslo ribojimas); which converts to Use the SFD service only to the extent that it is necessary to repair the car (purpose limitation);
|
|