Cars are evolving fast. With the rise of electric vehicles and the ongoing development of autonomous driving technologies, even though we’re still far from fully self-driving cars, there are other significant changes happening. These days, cars are becoming more connected and increasingly controlled by computers. As they gather more data, privacy issues are becoming really critical. Unfortunately, cars are not doing a good job at protecting your privacy. In fact, they’re quite bad at it.
According to a new report from Mozilla, every major car brand has significant privacy problems. So much so, that Mozilla ranked cars as “the worst category of products for privacy,” even worse than mental health apps and sex toys, which are already notorious for poor privacy practices.
There are numerous reasons why cars are so lousy at protecting your privacy. Firstly, they collect a vast amount of data. The report emphasizes that this is common across all car brands. They gather data on how you interact with your car, and sometimes information from third-party services like Google Maps. If you use a companion app, cars can even pull data from your smartphone.
What’s worse is how they handle this data. Around 84% of car brands share your personal data, and 76% of them actually sell it. Unlike other devices like TVs, users cannot opt out of these intrusive data practices. In fact, 92% of car brands do not give users any control over their data, with only two brands allowing users to delete it.
The conclusion of the study is quite grim: not a single car company met Mozilla’s Minimum Security Standards, which cover basic things like data encryption.
One of the most surprising findings is related to which companies are the worst. You might expect that tech-savvy new brands would handle user privacy better— but Tesla was found to be the worst offender. Tesla cars failed in every category of Mozilla’s study, meaning they collect user data without giving any control to the user, and they don’t secure that data well. This is despite Tesla having signed onto a list of Consumer Protection Principles, which they apparently don’t follow.
Even though Tesla is bad, Nissan is arguably worse in certain creepy categories. Nissan collected data about users’ “sexual activity.” Kia also collects information regarding users’ “sex life,” and a total of six car companies collect users’ “genetic information.”
It’s pretty absurd.
Solving this problem is not straightforward. Mozilla suggests that their usual advice to consumers feels like “tiny drops in a massive bucket.” In other industries, you could choose to spend your money on companies with good data practices. If you don’t like Google’s data collection, you can switch to an iPhone.
But with cars, this option is nearly non-existent. While some car companies might be slightly better, none of them are truly good at protecting your privacy. Switching cars is also much more complicated than switching phones. The process of visiting a dealer, registering a new car, and selling the old one is a hassle, especially in today’s competitive market where new models are snatched up quickly.
So, what can be done if we can’t vote with our wallets? Car companies aren’t just careless; they’re making money off selling your data long after you’ve purchased the car. They won’t stop this profitable practice unless forced to by law.
Therefore, there needs to be stronger legislation around data collection and the selling of user data. Car companies should be held to higher standards of data protection, and if they fail and data gets leaked or hacked because of their negligence, they should face substantial fines. In the meantime, pressuring lawmakers could be our best hope to make sure car companies stop tracking every move we make in the cars we own.