Serious Discussion ‘Privacy Nightmare on Wheels’: Every Car Brand Reviewed By Mozilla

[nicolaasjan]

‘Privacy Nightmare on Wheels’: Every Car Brand Reviewed By Mozilla — Including Ford, Volkswagen and Toyota — Flunks Privacy Test

Mozilla’s latest edition of *Privacy Not Included reveals how 25 major car brands collect and share deeply personal data, including sexual activity, facial expressions, and genetic and health information.

foundation.mozilla.org

https://foundation.mozilla.org/en/privacynotincluded/categories/cars/

 

[Digmor Crusher]

More big corporations being slimeballs.

 

[oldschool]

No surprise here considering the constant injection of "smart" technology began years ago, certainly since circa 2010-13. "Smart" means "you're screwed"! Privacy policies, etc. are useless against technological onslaught.

 

[Ink]

Published Sept 6, 2023

• It’s Official: Cars are the Worst Product Category we have ever reviewed for Privacy
• What data does my car collect about me and where does it go?
• After researching cars and privacy, here’s what keeps us up at night

New Mozilla research has revealed that popular global car brands — like Chevrolet, Nissan, Toyota, Kia, Audi, Jeep, Honda, Volkswagen, and more — are collecting your deeply personal data, like your genetic information and sexual activity. This invasive harvesting of information is collected via a web of sensors, microphones, cameras and the phones, apps, and connected services you use in your vehicle.

Car companies are brazenly collecting deeply personal information about people the moment they get into a car, often without explicit consent to do so. And that’s why the Mozilla community is now coming together to force car companies to respect our right to privacy. Add your name to ask car companies to stop collecting, sharing and selling our very personal information.

Petition: *Privacy Not Included: A Buyer’s Guide for Connected Products

 

[oldschool]

Privacy isn't the only issue at play here. Hackers will have a field day, and then we'll need AVs for cars. Oh goodie, another subscription!

https://www.theatlantic.com/technology/archive/2023/09/electric-car-hacking-digital-features-cyberattacks/675284/

 

[Chuck57]

In high school, I had a '51 Ford 2 dr. It was a stupid car that couldn't do anything without somebody to start and steer it. It was also easy to work on, got 23 miles per gallon, and was loyal and didn't spy on you. Wish I still had it.

 

[Kubla]

Need to come up with ways to disable these devices, and or use a faraday shield or cover over the transmitter/receiver so nothing can be received or sent.

 

[Ink]

Need to come up with ways to disable these devices, and or use a faraday shield or cover over the transmitter/receiver so nothing can be received or sent.

• Remove the eSIM / SIM card from the vehicle (Warning: may break or void features).
• Remove the interior microphone (Warning: may break or void features)
• Avoid connecting your Phone to the Infotainment system.
• Avoid using the Remote features and the Phone App.
• Avoid EVs
• Buy or Build a DIY kit car
• Get your vehicle licence revoked
• Commute using Public transport
• Bicycle (short trips)

Article posted by TechRadar.com, 2016:

Furse says BMW's connectivity track record dates back to 1972 and its Turbo Concept, which sported telematics and radar cruise control. In 1999 BMW released the first production car with telematics capable of connecting remotely with a car manufacturer's back-end systems.

"Since 2014, a SIM card has been fitted to every BMW," Furse says, "and 90 percent of BMWs currently on sale are available with 4G connectivity".

That connectivity is built in not only to allow for existing technologies such as real-time traffic updates, and remote services like unlocking doors via a smartphone app, but also to ensure that BMW's are ready to be connected to new services and technologies.

Also applies to other car manufacturers.

 

[oldschool]

In high school, I had a '51 Ford 2 dr. It was a stupid car that couldn't do anything without somebody to start and steer it. It was also easy to work on, got 23 miles per gallon, and was loyal and didn't spy on you. Wish I still had it.

The same with my '64 Plymouth Valiant slant 6 with Hurst 4-speed.

 

[SumTingWong]

90s and early - mid 2000 year cars are the king

 

[SpiderWeb]

It's scary to think my car hasn't had a software update since it was manufactured. There is technically one software update but it's nearly impossible to install unless you go to an authorized dealership and they rip you off for installing an update from 8 years ago that does almost nothing for security.

That combined with their privacy policies as exposed by Mozilla is just scary.

 

[oldschool]

90s and early - mid 2000 year cars are the king

My 2013 Hyundai Elantra GT (i30 in Europe) has bluetooth, USB and 12 volt plug and nothing more. Still going strong as my daily driver with regular maintenance and no major repairs so far.

 

[Ink]

90s and early - mid 2000 year cars are the king

A good reason to buy a newer vehicle would be for better crash safety standards. If have responsibilities (ie. family, car share, taxi passengers), then a relatively modern car is a no-brainer. If you can afford 2 or more cars, then you can switch between them.

Even though the 1998 model was designed in an era when crash testing was standard procedure, it absolutely crumples in this head-on crash at 64 km/h (roughly 40 mph). The photos taken after the crash tell the tale: The 2015 Toyota's passenger compartment stays largely intact, while the 1998 model is buckled and mangled.

We should point out that, in 1998, Australia and New Zealand did not require airbags in new cars, which is why the green Toyota in this test doesn't have them (that year, both driver and front passenger airbags became mandatory in the US market). Not that they'd really matter: With all that passenger compartment intrusion, and the way the crash test dummy got thrown around, most of the dummy's damage couldn't have been prevented by an airbag.

Source: https://www.roadandtrack.com/car-cu...much-car-safety-has-improved-since-the-1990s/

 

[Ink]

New blog updates from April 30th, 2024 - Car Company CEOs Answer Tough Questions About Cars and Privacy… Kinda | Privacy Not Included

Can drivers get their personal data deleted?​

At the time of our research last year, the only brands we could confirm would let customers delete their personal information were two European car brands (Renault and Dacia) who have to give drivers that right because it’s the law in the EU, according to the privacy law GDPR.

Senator Markey asked:
Can all users, regardless of where they reside, request the deletion of their data? If so, please describe the process through which a user may delete their data. If not, why not?

Toyota, Subaru, BMW, Tesla, and Ford said that all drivers in the US do have this right or will soon. Well, that’s new and good! We hope to see that commitment in their privacy policies -- where it matters. So far, Toyota is the only company to make that promise official with a change to their privacy policy.

But other car-makers doubled down, saying it’s not possible to commit to deleting their customers’ data or that they’re waiting for a law to force them to. Yeah, we don’t really believe that. And hey! Here's an idea. Car-makers, you’re officially invited to join our fight for federal privacy legislation in the USA. Until then, how about you apply the strictest state privacy law (generally, California’s CCPA) to all US states? That way you don’t, like Nissan worries, have to use an “arbitrary standard” in the meantime. You can do it!

Since we sounded the alarm on cars and privacy last September -- change is already happening:

• Toyota and Lexus now grant all US consumers the right to delete their personal data.
• Thanks to public pressure, GM (which includes Chevrolet, Buick, GMC, and Cadillac) said they’ll stop selling some OnStar data to data brokers LexisNexis and Verisk.
• The Bidden-Harris administration in the US is looking into connected cars’ privacy due to national security concerns.
• The FCC is proposing applying the US’ Safe Connections Act to cars, making it harder for domestic abusers to stalk survivors using cars’ tracking systems (one of our privacy nightmares).
• California legislators also proposed a bill that would make car-makers disconnect abusers’ remote access to cars when that access is being used to “stalk, harass, surveil, and intimidate survivors.”
• US Senators Markey and Wyden are asking the FTC to take action against Toyota, Nissan, Subaru, Volkswagen, BMW, Mazda, Mercedes-Benz, and Kia -- and their executives -- for sharing drivers’ location data with government agencies without a warrant, violating the industry’s own “privacy principles”.

And even the car companies’ noodly answers are helpful in driving change.

May 2024 - Cars & Consumer Data: On Unlawful Collection & Use