Posted by righttoprivacy in Privacy
QUOTE:
"The car brands we researched are terrible at privacy and security
Why are cars we researched so bad at privacy? And how did they fall so far below our standards? Let us count the ways!
- They collect too much personal data (all of them)
We reviewed 25 car brands in our research and we handed out 25 “dings” for how those companies collect and use data and personal information. That’s right: every car brand we looked at collects more personal data than necessary and uses that information for a reason other than to operate your vehicle and manage their relationship with you. For context, 63% of the mental health apps (another product category that stinks at privacy) we reviewed this year received this “ding.”
And car companies have so many more data-collecting opportunities than other products and apps we use -- more than even smart devices in our homes or the cell phones we take wherever we go. They can collect personal information from how you interact with your car, the connected services you use in your car, the car’s app (which provides a gateway to information on your phone), and can gather even more information about you from third party sources like Sirius XM or Google Maps. It’s a mess. The ways that car companies collect and share your data are so vast and complicated that we wrote an entire piece on how that works. The gist is: they can collect super intimate information about you -- from your medical information, your genetic information, to your “sex life” (seriously), to how fast you drive, where you drive, and what songs you play in your car -- in huge quantities. They then use it to invent more data about you through “inferences” about things like your intelligence, abilities, and interests. 2. Most (84%) share or sell your data
It’s bad enough for the behemoth corporations that own the car brands to have all that personal information in their possession, to use for their own research, marketing, or the ultra-vague “business purposes.” But then, most (84%) of the car brands we researched say they can share your personal data -- with service providers, data brokers, and other businesses we know little or nothing about. Worse, nineteen (76%) say they can sell your personal data.
A surprising number (56%) also say they can share your information with the government or law enforcement in response to a “request.” Not a high bar court order, but something as easy as an “informal request.” Yikes -- that’s a very low bar! A 2023 rewrite of Thelma & Louise would have the ladies in custody before you’ve had a chance to make a dent in your popcorn. But seriously, car companies' willingness to share your data is beyond creepy. It has the potential to cause real harm and inspired our worst cars-and-privacy nightmares.
And keep in mind that we only know what companies do with personal data because of the privacy laws that make it illegal not to disclose that information (go California Consumer Privacy Act!). So-called anonymized and aggregated data can (and probably is) shared too, with vehicle data hubs (the data brokers of the auto industry) and others. So while you are getting from A to B, you’re also funding your car’s thriving side-hustle in the data business in more ways than one."
FULL MOZILLA REPORT: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/
not_bob wrote
It's not just that. But, the fact that they are bluetooh or wifi enabled allows people you don't know to track you as well.
I can easily determine what bluetooth devices are near me. If a number of sensors were setup around an area, it would be easy to track people as they move around using just that.