The Mozilla Foundation released its report on how effectively automakers manage the privacy of data gathered by their connected vehicles. The researchers expressed deep concern about their discoveries, declaring that “cars represent the poorest product category we have ever assessed in terms of privacy.”
Mozilla examined 25 auto brands and discovered that all of them were gathering an excessive amount of personal data from multiple sources. This included monitoring the actions you perform within the infotainment system’s applications or what buttos you push, as well as data from additional sources, such as satellite radio or third-party maps. Even when you connect your phone, consider the prompt that asks if you wish to share all your contacts and notes with your car via Bluetooth.
The range of information gathered spans from personal data like medical records to details about how drivers operate the vehicle, including speed, routes, and even their music preferences. Notably, both Nissan and Kia permit the collection of data related to a user’s sex life. For example, Nissan’s privacy policy says it can collect “sensitive personal information, including driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information”.
But wait, there’s more. According to the report, 84 percent of the examined car brands share personal user data with service providers, data brokers, and potentially questionable enterprises. Additionally, 76 percent assert their authority to sell this personal data, and 56 percent express their readiness to provide user information to government authorities and law enforcement upon request.
Among the brands, Tesla performed the worst, earning the distinction of being only the second product to receive all of Mozilla’s “privacy dings,” – getting flagged in every privacy category – with an AI chatbot being the first. Nissan secured the unenviable position of second-worst.
Mozilla says that it couldn’t verify whether any of the automakers were capable of meeting the organization’s minimum security standards concerning data encryption and safeguarding against theft. Mozilla says in the report that “While we worried that our doorbells and watches that connect to the internet might be spying on us, car brands quietly entered the data business by turning their vehicles into powerful data-gobbling machines”.
