Cars Today: A New Study Reveals Alarming Privacy Concerns
Today’s cars are more advanced than ever, acting as computers on wheels with access to apps, entertainment, and even the internet. However, a recent study conducted by the Mozilla Foundation has shed light on the concerning lack of privacy protection when it comes to the data collected by automakers. In fact, the study labeled all 25 car brands surveyed with the foundation’s Privacy Not Included warning label, indicating poor management of data and inadequate security measures. This places cars at the bottom of the list among products reviewed by the foundation.
According to the study, car manufacturers gather excessive amounts of personal data. While some information is necessary for the operation of the vehicle, such as speed and location, other details about how people use their cars and where they go are collected as well. Connected services utilized in the vehicle, including third-party sources like Google, Meta, or Sirius XM, also contribute to data collection. Shockingly, the study found that 84 percent of car companies share or sell customer data with third parties, including service providers, data brokers, and other businesses. Additionally, 56 percent of automakers disclose information to government or law enforcement officials in response to legal requests. The study also revealed that 92 percent of companies surveyed do not allow or make it extremely difficult for individuals to delete their personal information from their systems.
The Mozilla Foundation devoted over 600 hours to researching the privacy practices of car brands but was unable to obtain a comprehensive understanding of how consumer data is used and shared. While they received responses from Ford, Honda, and Mercedes-Benz, none of those answers fully addressed the foundation’s inquiries. The Alliance For Automotive Innovation, upon contact from Motor1.com, directed them to a letter recently sent to Congress regarding automotive privacy. In the letter, the organization advocates for the rapid enactment of a comprehensive federal consumer privacy law and highlights their Privacy Principles for Vehicle Technologies and Services. They also provided a link to these principles as a resource for Congress to consider.
Several automakers responded to the study. Stellantis, for instance, disputed claims made in the study, reaffirming their commitment to the careful and diligent consideration of data privacy. Nissan emphasized its commitment to privacy and data protection for both consumers and employees, stating its compliance with applicable laws and a commitment to transparency. Similarly, General Motors stressed its dedication to safeguarding personal information and highlighted the acceptance of their terms and conditions and privacy statement by vehicle owners before any data is collected. Ford highlighted their commitment to being a trusted steward of customer information and recommended their customers refer to their Connected Vehicle Privacy Notice for more details. BMW assured they take data privacy and security seriously and provide comprehensive privacy notices to their customers, along with options for individual control over data collection and processing. Subaru, on the other hand, clarified that they do not collect any connected vehicle data unless the owner voluntarily enrolls in their telematics service, which can be canceled at any time.
The revelations of this study are alarming, raising serious concerns about the privacy practices of automakers. It is clear that improvements must be made to protect individuals’ personal data and give them greater control over the information collected by their vehicles. As cars become increasingly connected, it is essential for the industry to prioritize data privacy and security to ensure a responsible and trustworthy automotive experience for consumers.