The car gets an “F” for data privacy. A new study finds that most major manufacturers admit they may sell your personal information, and half of them also say they share it with the government or law enforcement without a court order.
The proliferation of sensors in cars—from telematics to fully digitized consoles—makes them giant data-gathering hubs.
But researchers at the nonprofit Mozilla Foundation said in their study Wednesday that drivers have little or no control over the personal data their vehicles collect. Latest “Not Covering Privacy” Survey Security standards are also vague, which is a big problem given the automaker’s record of being vulnerable to hacking.
“Cars do seem to fly under the privacy radar, and I really hope we can help fix that because they really suck,” said Jen Caltrider, the study’s research leader. “There are microphones in the car, and people can have all kinds of sensitive conversations in the car. The cameras in the car are facing in and out.”
Unless they opt for a used, pre-digital model, car buyers “don’t have a lot of choice,” Kartried said.
Cars scored the worst for privacy in more than a dozen product categories — including fitness trackers, reproductive health apps, Smart speakers and other connected home appliances – Mozilla has been working on this issue since 2017.
None of the 25 car brands reviewed — chosen for their popularity in Europe and North America — met the minimum privacy standards of Mozilla, which promotes open source, public-interest technology and maintains the Firefox browser. That compares to 37 percent of the mental health apps the nonprofit reviewed this year.
“Uniquely invasive”
Notices from nineteen automakers say they can sell your personal data. Half will share your information with the government or law enforcement on a “request,” not a court order. Only Renault and Dacia, which are not sold in North America, offer drivers the option to delete their data.
“More and more cars are bugged at the wheels,” said Albert Fox Cahn, a technology and human rights researcher at Harvard University’s Carr Center for Human Rights Policy. “Drivers are paying more and more to install electronic devices that are collecting more and more data about them and their passengers.”
“Turning car privacy into a corporate surveillance space is uniquely invasive,” he added.
The Alliance for Automotive Innovation, a trade group representing makers of most cars and light trucks sold in the United States, disputes that characterization.in a letter sent on tuesday The company told the leadership of the U.S. House of Representatives and Senate that its shared goal is to “protect consumer privacy.”
It called for a federal privacy law, saying “a patchwork of state privacy laws can confuse consumers about their privacy rights and make compliance unnecessarily difficult.” In the absence of such laws, internet-connected devices and smartphones can collect data for customized ad targeting and other marketing, while also increasing the potential for large amounts of information to be stolen through cybersecurity breaches.
The Associated Press asked the league, which has resist efforts Provide car owners and independent repair shops with access to in-vehicle data, provided it supports allowing car buyers to automatically opt out of data collection and allowing them to choose to delete collected data. Spokesman Brian Weiss said the group was “concerned about letting customers opt out entirely” for security reasons, but did support giving them more control over how their data is used in marketing and by third parties.
in 2020 A survey by the Pew Research Center, 52% of Americans say they choose not to use a product or service because they fear it will collect a lot of personal information about them.
When it comes to security, Mozilla’s minimum standards include encrypting all personal information in the car. Most car brands ignored the questions they emailed about the matter, and those that did provide partial and unsatisfactory responses, the researchers said.
Driver’s License Number, Sexual Orientation, Genes—Everything Is Fair Game
Japan’s Nissan study surprises researchers The level of honesty and detailed breakdown of data collection provided by the Privacy Statement, Contrast that with big tech companies like Facebook or Google. The “sensitive personal information” collected included driver’s license numbers, immigration status, race, sexual orientation and health diagnoses.
In addition, Nissan says it can share “inferences” drawn from the data to create profiles that “reflect consumers’ preferences, characteristics, psychological trends, tendencies, behaviors, attitudes, intelligence, abilities and aptitudes.”
It was one of six car companies that said they could collect “genetic information,” or “genetic traits,” the researchers found.
Nissan also said it collected information on “sexual activity.” It doesn’t explain how.
The all-electric Tesla brand scored high on Mozilla’s “creepy” index. Tesla’s privacy statement says that if owners choose not to collect data, the company may not be able to notify drivers in “real time” of issues that could result in “reduced functionality, severe damage, or inoperability.”
Neither Nissan nor Tesla immediately responded to questions about their practices.
Mozilla’s Caltider argues that laws such as the EU’s 27-nation General Data Protection Regulation and California’s Consumer Privacy Act force automakers to provide information on existing data collection.
It’s a start, she said, by raising awareness among consumers, as happened in the 2010s, when a consumer backlash prompted TV makers to offer more alternatives to surveillance-intensive connected displays.
Svlook