Mozilla examined how leading automakers protect consumer privacy for the latest edition of its “Privacy Not Included” report. All 25 car brands tested scored “disastrously.” According to Mozilla, they collect data on sexual activity, facial expressions and health, among other things, and also share this information with third parties.
The handling of customer data from car manufacturers such as BMW, Ford, Nissan, Toyota, Tesla, Kia and Subaru was examined. Among other things, they are said to collect data through sensors, microphones and cameras in vehicles and through the cell phones and devices that users pair with vehicles. Other data sources include car apps, company websites, dealerships and telematics systems, according to the study.
Automakers forgo encryption
The data can apparently be shared and sold by manufacturers to third parties. It is also said to be used by manufacturers to look back at intelligence, skills, traits, preferences and other personal characteristics.
The research team behind “Privacy Not Included” also criticized the fact that none of the brands in the test met Mozilla’s minimum security standards. The researchers found that none of the brands encrypted all personal data stored in their vehicles. On its own, only one manufacturer – Mercedes – even responded to Mozilla’s request regarding encryption.
“For many people, their car is a private space – a place where they can call their doctor, have a personal conversation with their child on the way to school, cry their eyes out in heartbreak, or drive to places they don’t want the world to know about. But this idea no longer corresponds to reality: in terms of privacy protection, all new cars are true nightmares on wheels that collect huge amounts of personal data,” comments Jen Caltrider, Program Director at Privacy Not Included.