A new study has shocked drivers. It turns out that 25 leading automotive brands collect and exchange deeply personal data. Branded cars really do monitor the private lives of drivers, including information about their health status, weight, and even sexual activity.
Cars monitor the personal lives of drivers.
“Smart” cars from leading global brands, including Nissan, Volkswagen, and Tesla, collect personal data from drivers using sensors, microphones, cameras, software, and more. After gathering this information, car manufacturers share it with technology companies, governments, car dealers, data brokers, and even other drivers.
In addition to health and sexual status data, the information may include driving habits, intelligence, facial expressions, immigration status, race, and even genetics. This was revealed when independent experts warned about the risk of cybercriminals gaining remote access to vehicles and stealing drivers’ personal data.
A new study has been conducted by a group of experts from the Mozilla Foundation. The researchers noted to the publication Daily Mail that cars – whether fully electric, hybrid, or gasoline – are the worst category of products they have ever tested for privacy.
Many car brands engage in “privacy laundering.” That is, they pretend to protect consumer privacy, while in reality, they do not, often using misleading language.
As Jen Caltrider points out, many people perceive their car as a private space where they can call their doctor, have a personal conversation with their child on the way to school, cry over a breakup, or drive to a place they wouldn’t want anyone to know about. However, this perception is no longer accurate. All new cars today are privacy nightmares on wheels, collecting vast amounts of personal information.
Some cars even collect data about sexual activity.
Researchers examined not individual cars, but the privacy measures of various companies and programs that connect to their vehicles. According to their analysis, the worst offender is the Japanese brand Nissan. Its cars interact with the MyNissan app, which allows owners to remotely start, stop, lock, and unlock their vehicle, as well as honk the horn, flash the headlights, and more.
However, the program can also collect and share drivers’ sexual information, their diagnostic data, genetic information, and other confidential personal information for targeted marketing. Researchers note that Nissan is extremely honest in its privacy policy, as it acknowledges that it collects a wide range of personal information, although it does not specify how. Meanwhile, the information about the app on Google Play claims that it “does not share data with third parties” (this was later corrected).
The privacy policy of the South Korean manufacturer Kia also states that it may collect information about your “sex life or information about sexual orientation.” As experts note, could there be a “significant” reason for a car manufacturer to have such information? Probably not.
Unclear privacy rules facilitate surveillance.
Tesla is not the worst car company that researchers have examined, but that doesn’t mean it doesn’t have shortcomings regarding privacy. This brand “clearly” states in its documentation that it does not sell or share your personal information with third parties.
However, according to experts, it is “quite difficult to trust” Elon Musk’s multibillion-dollar company. Tesla has a questionable track record in protecting and respecting people’s privacy inside its electric cars, as well as outside, where they may be captured by outward-facing cameras.
The other “most significant violator” of drivers’ privacy is the German manufacturer Volkswagen. This brand collects personal information (age, gender) and driving behavior (such as seatbelt use and braking habits) for targeted marketing. The data is obtained through the myVW app, the We Connect ecosystem of intelligent online services, the VW dealer, or a combination of all of these.
Meanwhile, Toyota, the global leader in car sales worldwide, presents an “almost incomprehensible galaxy” of 12 privacy policy documents. However, as a result, it also collects data on driver behavior, such as acceleration and speed, direction of travel, and image data from cameras and sensors in the vehicle.
Similarly, Mercedes-Benz, known for its luxurious high-end design, could also potentially sell personal information for advertising. However, it was unable to sufficiently explain its complex privacy policy to researchers.
The American automotive giant Ford is using a voice recognition system in its vehicles to “draw conclusions about you” in order to guess more about your likely preferences and other characteristics, which it may share and possibly even pass on to third parties.
The French manufacturer Renault raised the least concern, as it is “not that bad” when it comes to privacy. However, researchers were unable to confirm whether it encrypts personal data stored in its vehicles.
They collect personal data not only from drivers but also from passengers.
Overall, experts found that passengers cannot properly give their consent for such data collection, as “consent” for the collection of personal data is “implied” by the fact that they are simply passengers in the vehicle. For example, Subaru considers a passenger to be a user, meaning someone who agrees to their privacy policy.
Several car brands (including Nissan and Ford) also state that the driver is required to inform passengers about the vehicle’s privacy policy. Researchers warn that serious data breaches are common, as demonstrated by the leak of personal information of millions of Toyota customers earlier this year.