Startling Mozilla Report Slams Modern Cars As Privacy And Security Nightmares
Even as auto manufacturers continue to push for consumers to buy more of their web-connected vehicles, promising over-the-air (OTA) feature drops, web connectivity for passengers and in-car apps, plus enough computing power to even play AAA games, each company is using its cars to collect information on its users. Through their customers, car companies have in their hands plenty of personal data that, if not properly handled, can go sideways pretty quickly.
This is exactly what Mozilla's *Privacy Not Included non-profit project set out to uncover. It found that 25 major car brands failed to adhere to basic security and privacy standards. Brands like Ford, Subaru, BMW, and Tesla collect data about race, weight, health, and even facial expressions. Nissan and Kia enter creepy territory by collecting your sexual activity and genetic data.
While certain data points are collected from user profiles or onboard telematics, the study (and companies) haven't revealed how things like one's mating habits are captured. Perhaps cars are skimming incoming texts or dating apps?
Besides collecting way too much personal data, the study also found that 84 percent of the car brands share the data with third-party businesses, and that 76 percent of them sell your personal data. Only Renault and Dacia allow drivers to have their personal data deleted, which means drivers of other brands have absolutely no control over how companies utilize their data.
Jen Caltrider, *Privacy Not Included project director said it the best, “Many people think of their car as a private space — somewhere to call your doctor, have a personal conversation with your kid on the way to school, cry your eyes out over a break-up, or drive places you might not want the world to know about, but that perception no longer matches reality. All new cars today are privacy nightmares on wheels that collect huge amounts of personal information.”