Serious Discussion ‘Privacy Nightmare on Wheels’: Every Car Brand Reviewed By Mozilla

nicolaasjan

Level 5
Thread author
Verified
Well-known
May 29, 2023
210

Ink

Administrator
Verified
Jan 8, 2011
22,490
Published Sept 6, 2023
New Mozilla research has revealed that popular global car brands — like Chevrolet, Nissan, Toyota, Kia, Audi, Jeep, Honda, Volkswagen, and more — are collecting your deeply personal data, like your genetic information and sexual activity. This invasive harvesting of information is collected via a web of sensors, microphones, cameras and the phones, apps, and connected services you use in your vehicle.

Car companies are brazenly collecting deeply personal information about people the moment they get into a car, often without explicit consent to do so. And that’s why the Mozilla community is now coming together to force car companies to respect our right to privacy. Add your name to ask car companies to stop collecting, sharing and selling our very personal information.
Petition: *Privacy Not Included: A Buyer’s Guide for Connected Products
 
Last edited:

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
589
In high school, I had a '51 Ford 2 dr. It was a stupid car that couldn't do anything without somebody to start and steer it. It was also easy to work on, got 23 miles per gallon, and was loyal and didn't spy on you. Wish I still had it.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Need to come up with ways to disable these devices, and or use a faraday shield or cover over the transmitter/receiver so nothing can be received or sent.
  • Remove the eSIM / SIM card from the vehicle (Warning: may break or void features).
  • Remove the interior microphone (Warning: may break or void features)
  • Avoid connecting your Phone to the Infotainment system.
  • Avoid using the Remote features and the Phone App.
  • Avoid EVs
  • Buy or Build a DIY kit car
  • Get your vehicle licence revoked
  • Commute using Public transport
  • Bicycle (short trips)

Article posted by TechRadar.com, 2016:
Furse says BMW's connectivity track record dates back to 1972 and its Turbo Concept, which sported telematics and radar cruise control. In 1999 BMW released the first production car with telematics capable of connecting remotely with a car manufacturer's back-end systems.

"Since 2014, a SIM card has been fitted to every BMW," Furse says, "and 90 percent of BMWs currently on sale are available with 4G connectivity".

That connectivity is built in not only to allow for existing technologies such as real-time traffic updates, and remote services like unlocking doors via a smartphone app, but also to ensure that BMW's are ready to be connected to new services and technologies.
Also applies to other car manufacturers.
 

SpiderWeb

Level 13
Verified
Top Poster
Well-known
Aug 21, 2020
603
It's scary to think my car hasn't had a software update since it was manufactured. There is technically one software update but it's nearly impossible to install unless you go to an authorized dealership and they rip you off for installing an update from 8 years ago that does almost nothing for security.

That combined with their privacy policies as exposed by Mozilla is just scary.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
90s and early - mid 2000 year cars are the king
A good reason to buy a newer vehicle would be for better crash safety standards. If have responsibilities (ie. family, car share, taxi passengers), then a relatively modern car is a no-brainer. If you can afford 2 or more cars, then you can switch between them.


Even though the 1998 model was designed in an era when crash testing was standard procedure, it absolutely crumples in this head-on crash at 64 km/h (roughly 40 mph). The photos taken after the crash tell the tale: The 2015 Toyota's passenger compartment stays largely intact, while the 1998 model is buckled and mangled.

We should point out that, in 1998, Australia and New Zealand did not require airbags in new cars, which is why the green Toyota in this test doesn't have them (that year, both driver and front passenger airbags became mandatory in the US market). Not that they'd really matter: With all that passenger compartment intrusion, and the way the crash test dummy got thrown around, most of the dummy's damage couldn't have been prevented by an airbag.

Source: https://www.roadandtrack.com/car-cu...much-car-safety-has-improved-since-the-1990s/
 
  • Like
Reactions: simmerskool

Ink

Administrator
Verified
Jan 8, 2011
22,490
New blog updates from April 30th, 2024 - Car Company CEOs Answer Tough Questions About Cars and Privacy… Kinda | Privacy Not Included

Can drivers get their personal data deleted?​

At the time of our research last year, the only brands we could confirm would let customers delete their personal information were two European car brands (Renault and Dacia) who have to give drivers that right because it’s the law in the EU, according to the privacy law GDPR.

Senator Markey asked:
Can all users, regardless of where they reside, request the deletion of their data? If so, please describe the process through which a user may delete their data. If not, why not?

Toyota, Subaru, BMW, Tesla, and Ford said that all drivers in the US do have this right or will soon. Well, that’s new and good! We hope to see that commitment in their privacy policies -- where it matters. So far, Toyota is the only company to make that promise official with a change to their privacy policy.

But other car-makers doubled down, saying it’s not possible to commit to deleting their customers’ data or that they’re waiting for a law to force them to. Yeah, we don’t really believe that. And hey! Here's an idea. Car-makers, you’re officially invited to join our fight for federal privacy legislation in the USA. Until then, how about you apply the strictest state privacy law (generally, California’s CCPA) to all US states? That way you don’t, like Nissan worries, have to use an “arbitrary standard in the meantime. You can do it!
Since we sounded the alarm on cars and privacy last September -- change is already happening:
  • Toyota and Lexus now grant all US consumers the right to delete their personal data.
  • Thanks to public pressure, GM (which includes Chevrolet, Buick, GMC, and Cadillac) said they’ll stop selling some OnStar data to data brokers LexisNexis and Verisk.
  • The Bidden-Harris administration in the US is looking into connected cars’ privacy due to national security concerns.
  • The FCC is proposing applying the US’ Safe Connections Act to cars, making it harder for domestic abusers to stalk survivors using cars’ tracking systems (one of our privacy nightmares).
  • California legislators also proposed a bill that would make car-makers disconnect abusers’ remote access to cars when that access is being used to “stalk, harass, surveil, and intimidate survivors.”
  • US Senators Markey and Wyden are asking the FTC to take action against Toyota, Nissan, Subaru, Volkswagen, BMW, Mazda, Mercedes-Benz, and Kia -- and their executives -- for sharing drivers’ location data with government agencies without a warrant, violating the industry’s own “privacy principles”.
And even the car companies’ noodly answers are helpful in driving change.

May 2024 - Cars & Consumer Data: On Unlawful Collection & Use
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top