Many Americans’ vehicles serve as a sanctuary of privacy in a fast-paced world. However, a recent report from the Mozilla Foundation reveals that automakers may not be respecting the privacy of their customers, raising significant concerns about data collection and sharing.
In an era where cars have evolved into computers on wheels, they possess an unprecedented capacity to gather information about drivers’ activities and locations. The Mozilla Foundation’s report, released last Wednesday, underscores that this information is often shared with or sold to data brokers, law enforcement agencies, and other entities.
Among the key findings from the study, which examined 25 car brands:
- 56% of automakers will share data with law enforcement in response to informal requests.
- 84% either share or sell personal data.
Notably, Tesla, a prominent electric vehicle manufacturer, received notably low scores across the Mozilla Foundation’s privacy and security criteria. These criteria encompass data usage, customer control over their data, security, and the trustworthiness of artificial intelligence.
The report highlights Tesla’s “questionable track record” concerning the protection of individuals’ privacy, both within and around their vehicles. Of particular concern is Tesla’s handling of data captured by in-car cameras, which has raised privacy issues.
Tesla’s customer privacy notice contains a warning that opting out of data collection may lead to “reduced functionality, serious damage, or inoperability” of the vehicle, as it may impede the system’s ability to provide real-time alerts.
While Tesla did not respond to requests for comment, it’s worth noting that the company has faced previous lawsuits related to privacy concerns, including allegations of video data leakage.
In an age where Americans spend around 300 hours per year behind the wheel, and cars often serve as ad-hoc offices, dining rooms, phone booths, or recording studios, the data generated during this time can be extremely valuable. Current vehicles generate approximately 25 gigabytes of data per hour, a resource worth hundreds of billions of dollars.
In response to growing concerns, the California Privacy Protection Agency (CPPA) has initiated a review of data privacy practices among automakers, particularly those with connected vehicles equipped with technologies for external communication.
Ashkan Soltani, the CPPA’s executive director, emphasized that modern vehicles collect a wealth of information through built-in apps, sensors, and cameras, which can monitor both occupants and individuals in proximity to the vehicle. The review will focus on how these companies comply with California law in collecting and using consumer data.
The emergence of self-driving cars introduces new privacy challenges. A 2022 paper published at the International Conference on Information Networking raised concerns about misusing travel patterns, potentially making individuals vulnerable to stalking and harm. Additionally, a public records request revealed that a San Francisco Police Department training guide explores the potential role of self-driving cars in investigations.
As vehicles become increasingly connected and data-rich, the delicate balance between convenience and personal privacy remains a critical issue, with potential implications for both individuals and the automotive industry as a whole.