Encircle News!

Retro Game Arcade
, , , , , , , , , , , ,

Every car is a smart car, and it’s a privacy nightmare

Katie Malone

Mozilla recently reported that of the car brands it reviewed, all 25 failed its privacy tests. While all, in Mozilla's estimation, overreached in their policies around data collection and use, some even included caveats about obtaining highly invasive types of information, like your sexual history and genetic information. As it turns out, this isn’t just hypothetical: The technology in today’s cars has the ability to collect these kinds of personal information, and the fine print of user agreements describes how manufacturers get you to consent every time you put the keys in the ignition.

“These privacy policies are written in a way to ensure that whatever is happening in the car, if there's an inference that can be made, they are still ensuring that there is protection, and that they are compliant with different state laws,” Adonne Washington, policy council at the Future of Privacy Forum, said. The policies also account for technological advances that could happen while you own the car. Tools to do one thing could eventually do more, so manufacturers have to be mindful of that, according to Washington.

So, it makes sense that a car manufacturer would include every type of data imaginable in its privacy policy to cover the company legally if it stumbled into certain data collection territory. Nissan’s privacy policy, for example, covers broad and frankly irrelevant classes of user information, such as “sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information” under types of personal data collected. 

Companies claim ownership in advance, so that you can’t sue if they accidentally record you having sex in the backseat, for example. Nissan claimed in a statement that this is more or less why its privacy policy remains so broad. The company says it "does not knowingly collect or disclose customer information on sexual activity or sexual orientation," but its policy retains those clauses because "some U.S. state laws require us to account for inadvertent data we have or could infer but do not request or use." Some companies Engadget reached out to — like Ford, Stellantis and GM — affirmed their commitment, broadly, to consumer data privacy; Toyota, Kia and Tesla did not respond to a request for comment.

Beyond covering all imaginable legal bases, there simply isn't any way to know why these companies would want deeply personal information on their drivers, or what they'd do with it. And even if it's not what you would consider a “smart” car, any vehicle equipped with USB, Bluetooth or recording capabilities can capture a lot of data about the driver. And in much the same way a "dumb" tv is considerably harder to find these days, most consumers would be hard pressed to find a new vehicle option that doesn't include some level of onboard tech with the capacity to record their data. A study commissioned by Senator Ed Markey nearly a decade ago found all modern cars had some form of wireless technology included. Even the ranks of internet listicles claiming to contain low-tech cars for "technophobes" are riddled with dashboard touchscreens and infotainment systems.

“How it works in practice we don’t have as much insight into, as car companies, data companies, and advertising companies tend to hold those secrets more close to the vest,” Jen Caltrider, a researcher behind Mozilla’s car study, said. “We did our research by combing through privacy policies and public documentation where car companies talked about what they *can* do. It is much harder to tell what they are actually doing as they aren’t required to be as public about that.”

The unavailability of disconnected cars combined with the lack of transparency around driver data use means consumers have essentially no choice to trust their information is being used responsibly, or that at least some of the classes of data — like Nissan's decision to include "genetic information" — listed in these worrying privacy policies are purely related to hypothetical liability. The options are essentially: read every one of these policies and find the least draconian, buy a very old, likely fuel-inefficient car with no smart features whatsoever or simply do without a car, period. To that last point, only about eight percent of American households are carless, often not because they live in a walkable city with robust public transit, but because they cannot afford one.

This gets even more complicated when you think about how cars are shared. Rental cars change drivers all the time, or a minor in your household might borrow your car to learn how to drive. Unlike a cell phone, which is typically a single user device, cars don’t work like and vehicle manufacturers struggle to address that in their policies. And cars have the ability to collect information not just on drivers but their passengers.

If simply trusting manufacturers after they ask for the right to collect your genetic characteristics tests credulity, the burden of anyone other than a contract lawyer reading back a software license agreement to the folks in the backseat is beyond absurd. Ford’s privacy policy explicitly states that the owners of its vehicles “must inform others who drive the vehicle, and passengers who connect their mobile devices to the vehicle, about the information in this Notice.” That’s about 60 pages of information to relay, if you’re printing it directly from Ford’s website — just for the company and not even the specific car.

And these contracts tend to compound on one another. If that 60-page privacy policy seems insurmountable, well, there's also a terms of service and a separate policy regarding the use of Sirius XM (on a website with its own 'accept cookies' popover, with its own agreement.) In fairness to Ford, its privacy notice does allow drivers to opt out of certain data sharing and connected services, but that would require drivers to actually comb through the documentation. Mozilla found many other manufacturers offered no such means to avoid being tracked, and a complete opt-out is something which the Alliance for Automotive Innovation — a trade group representing nearly all car and truck makers in the US, including Ford — has actively resisted. To top things off, academics, legal scholars and even one cheeky anti-spyware company have repeatedly shown consumers almost universally do not read these kinds of contracts anyway. 

The burden of these agreements doesn't end with their presumptive data collection, or the onus to relay them to every person riding in or borrowing your car. The data held in-vehicle and manufacturer's servers becomes yet another hurdle for drivers should they opt to sell the thing down the line. According to Privacy4Cars founder Andrea Amico, be sure to get it in writing from the dealer how they plan to delete your data from the vehicle before reselling it. “There's a lot of things that consumers can do to actually start to protect themselves, and it's not going to be perfect, but it's going to make a meaningful difference in their lives,” Amico said.

Consumers are effectively hamstrung by the state of legal contract interpretation, and manufacturers are incentivized to mitigate risk by continuing to bloat these (often unread) agreements with increasingly invasive classes of data. Many researchers will tell you the only real solution here is federal regulation. There have been some cases of state privacy law being leveraged for consumers' benefit, as in California and Massachusetts, but on the main it's something drivers aren't even aware they should be outraged about, and even if they are, they have no choice but to own a car anyway.

This article originally appeared on Engadget at https://www.engadget.com/every-car-is-a-smart-car-and-its-a-privacy-nightmare-193010478.html?src=rss

https://www.engadget.com/every-car-is-a-smart-car-and-its-a-privacy-nightmare-193010478.html?src=rss

Follow Us

Featured Posts

October 2024
M T W T F S S
 123456
78910111213
14151617181920
21222324252627
28293031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews This Week in Tech (Audio)

CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews Sam Altman's AI Manifesto News from Meta Connect Gavin Newsom vetoes sweeping AI safety bill, siding with Silicon Valley The Panel discusses CoPilot The Panel debates AGI James Cameron Joins Board of Stability AI in Coup for Tech Firm SAG-AFTRA Calls Strike Against 'League of Legends' Rabbit says only 5,000 people use the R1 daily Orion: True AR Glasses Have Arrived AI smackdown: How a new FTC ruling just protected the free press DoNotPay has to pay $193K for falsely touting untested AI lawyer, FTC says Firefox Review Checker – Ensure review authenticity in your online shopping New California law requires one-click subscription cancellations The DOJ sues Visa for locking out rival payment platforms NIST proposes barring some of the most nonsensical password rules Some Mad Genius Put ChatGPT on a TI-84 Graphing Calculator 23andMe troubles, company recently settled data insecurity suit for $30 mil Host: Leo Laporte Guests: Denise Howell, Parmy Olson, Daniel Rubino, and Henry Laporte Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: lookout.com 1password.com/twit shopify.com/twit veeam.com flashpoint.io
  1. TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews
  2. TWiT 998: Artisanal Locally-Sourced Dopamine – Amazon Returns to Office, CA AI Bill, Elon Backs Down
  3. TWiT 997: Put an OLED on it – iPhone Event 2024, $700 PS5, AI in AU
  4. TWiT 996: The Quiet Office Crackdown – Starlink Backtracks, AI Royalty Heist
  5. TWiT 995: The Story of Us – AnandTech Shuts Down, Brazil Bans X, Alexa Revamp