New cars as a privacy night mare; Mozilla investigates situation in the U.S.

Stop - Pixabay[German]New cars, purchased in the US, are a privacy nightmare. Vendors reserves with the privacy consent the permission to collect any data on the cars. It is not enough to use cameras, sensors or telematics systems, as well as the coupled mobile devices to capture and record all activities of the drivers or owners, or to forward them to the manufacturers. Even information on ethnicity, weight, genetics or sexual activity may be included and could be collected in a variety of ways.


The Mozilla Foundation looked at 25 car brands in the U.S. to see what data they are allowed to collect under accepted privacy policies (see It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy).

The Mozilla Foundation's statement is that all of the car brands studied earned a "Privacy Not Included" warning. This makes cars officially the worst product category in terms of privacy that the Mozilla Foundation has studied so far, it says. The Mozilla article linked above is primarily about the privacy policy and what the owners/users in the USA are supposed to sign off on.

Cars (or their manufacturers) collect data like hell, and drivers don't give a damn. In the Mozilla Foundation's view, Nissan falls to one of the last places in terms of data protection. The company openly admits in its privacy policy to collecting data on health, genetics and sexual activity.

As if that were not enough, Nissan USA, like other U.S. manufacturers, explicitly reserves the right to share or sell this data. According to the evaluation, 84% of manufacturers share or sell this data to third parties (to service providers, data brokers and other companies in the US). The purpose for which this data is further processed there is as yet unknown.

According to the Mozilla Foundation, only two (Renault and Dacia, both owned by Nissan) of the 25 manufacturers surveyed grant users and owners some control over this data and the ability to have personal data deleted. The Mozilla Foundation speculates that it is no coincidence that Renault and Dacia are European manufacturers where the GDPR applies. The bottom line is that car brands often do everything they legally can to protect your personal data.


Similar articles:
Tesla vehicle data collection
Bluetooth Low Energy vulnerability and the Tesla car theft
Server error: Tesla vehicles could not be opened remotely
Car safety: Kia Challenge and Hyundai Key found on the web
Honda and Acura also had a Year 2K22 bug
Software: Our grave as future car owners?
Security incident: Source Code for Mercedes OLU leaked
Mercedes USA offers "Acceleration increase" package for EQ models only with $1200 annual subscription
Vulnerabilities in connected cars allow remote access at Honda, Nissan, Infiniti, Acura, etc.
Car safety: Kia Challenge and Hyundai Key found on the web

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *