To succeed in today’s data-driven economy, companies collect massive amounts of consumer data – and resell them.
The Mozilla Foundation However, has uncovered a startling gap that most people are unlikely to consider when assessing their personal privacy.
Everything from your health to your political preferences to your intimate moments can be sold to third parties without your knowledge.
And while we’re all wary of our smartphones and home assistants, there’s one more item on the list: your car.
Towards full disclosure
The worrying assumption comes from the Mozilla Foundationwhich concluded that “Cars are the worst product category we have ever examined for data protection“.
Cars these days don’t just get you from point A to point B. They’re also computers on wheels. If they are modern enough (and the manufacturer is sophisticated enough), you may well have unwisely ticked the box to allow data collection – and the distribution through sale of this information – to allow.
That’s one thing, but the scale of data that can be collected and shared is loud Mozilla enormously.
According to Jen Caltrider the head of the Mozilla-Working group *Privacy Not Includedcar manufacturers can learn a lot from the journeys:
“Cars really seem to have flown under the privacy radar, and I really hope we can help change that, because they really are terrible. Cars have microphones, and people have all sorts of intimate conversations in them. Cars have cameras that point inward and outward.“
When checking 25 car manufacturers Mozilla found that 84% confirmed that they can share their personal information with service providers, data brokers and other companies. 19 companies (76%) said they can sell your personal information.
56% said they have their data on “Inquiry“ – not to a court order, but to a request – to a government or law enforcement agency.
Data: What data is collected?
It’s probably easier to answer what data isn’t collected.
A manufacturer whose name we use here out of respect for honesty Mozilla don’t want to name (you can find the full report here), said it can collect sensitive personal information, including driver’s license number, immigration status, race, sexual orientation and health diagnoses.
Besides, they can “Conclusions“ pull from the data to create profiles, “that reflect the consumer’s preferences, characteristics, psychological trends, predispositions, behaviors, attitudes, intelligence, abilities and aptitudes“.
In addition, information about “sexual activities“ collected, although it was not explained how (but perhaps it is the digital equivalent of “when this car rocks…“).
Misha Rykov, researcher of the study Privacy Not Included on the Data theft by cars explained: “Virtually all of the privacy statements we examined contained restrictive language. Words like “How“, “including“ or “etc.“ show that we only get a section of the collected data and not the entire picture“.
“The in-depth data collected by car manufacturers is a data broker’s dream. Indeed, the Vehicle Data Hubs are rich in this information. Yet we still know so little about how they get, process and sell this data.”
If you think about a typical drive, you’re giving away a lot of information, especially if your car has a microphone.
Do you listen to religious music? A podcast that aligns with your political views? Are you talking about health problems? This is a goldmine for tech companies.
If your car has a number of sensors – including heart rate monitors – and has permission to share everything it collects with a third-party data agency that is itself an expert at drawing conclusions, then you are revealing a lot about yourself.
Researcher Misha Rykov added:
“The new bells and whistles in the car hold the potential for more sensors, cameras and microphones that collect data. But unlike apps or smart home devices, most drivers aren’t even aware that this data is being collected – let alone have the ability to turn them off.”
Conclusion
We are used to being suspicious of our smartphones and home assistants and knowing that a profile of us can be created based on all the clicks we make online.
But what about our car? For some people it is the last bastion of peace and tranquility.
If you own a car from the last few years, it is definitely worth checking whether you have not accidentally assigned the rights to your data. And if you’re buying a car in the near future, keep this step in mind.
Because researcher Misha Rykov has the last word:
“What did I learn from studying the privacy and security of 25 of the world’s largest car brands? Modern cars are a privacy nightmare, and it seems the Fords, Audis and Toyotas of the world have shifted their focus from selling cars to selling data.”