In a recent report, Mozilla revealed that all 25 car brands it reviewed failed its privacy tests. The study showed that these brands, in their privacy policies, overreached in their data collection and use practices. Some even included clauses about obtaining highly invasive types of information, such as sexual history and genetic information. This is not a hypothetical situation, as modern cars equipped with advanced technology have the ability to collect these personal details. The fine print of user agreements describes how manufacturers get drivers to consent to these data collection practices every time they start their car.
The reason behind car manufacturers including every type of data in their privacy policies is to cover themselves legally in case they accidentally stumble into certain data collection territory. For instance, Nissan’s privacy policy covers broad and irrelevant classes of user information, including sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information. While Nissan claims that it does not knowingly collect or disclose customer information on sexual activity or sexual orientation, some US state laws require them to account for inadvertent data they have or could infer. Other companies like Ford, Stellantis, and GM affirm their commitment to consumer data privacy, while Toyota, Kia, and Tesla have not responded to requests for comment.
Even if a car is not considered a “smart” car, it can still collect massive amounts of data about the driver if it is equipped with USB, Bluetooth, or recording capabilities. It has become increasingly difficult to find a new vehicle option without some level of onboard tech that can record personal data. A study commissioned by Senator Ed Markey several years ago found that all modern cars had some form of wireless technology included. Unfortunately, it is challenging to determine exactly how car companies are using this data, as they are not required to be transparent about it. This lack of transparency means that consumers have no choice but to trust that their information is being used responsibly.
Moreover, the use of shared cars further complicates the issue. Rental cars change drivers frequently, and minors may borrow cars to learn how to drive. Unlike cell phones, cars do not work as single-user devices, and manufacturers struggle to address this in their privacy policies. Cars can collect information not only about the driver but also their passengers. The burden of responsibility falls on the owners to inform others who drive the vehicle or connect their devices to it about the privacy policies, which can be as long as 60 pages.
Related Post
These lengthy privacy policies often compound on one another, making it even more challenging for drivers to understand and comply with them. Some agreements even resist giving drivers the option to opt out of data sharing and connected services. Studies have shown that consumers generally do not read these contracts thoroughly, exacerbating the problem. Furthermore, when drivers decide to sell their cars, they face the additional hurdle of ensuring their data is deleted from the vehicle and manufacturer’s servers.
To address these issues, many researchers argue that federal regulation is needed. While there have been some state privacy laws that benefit consumers, most drivers are not even aware of the privacy concerns or their rights. Additionally, many consumers are unable to avoid owning a car due to lack of alternatives, regardless of the privacy risks.
In conclusion, the privacy policies of car manufacturers have raised concerns due to their overreaching data collection practices. The fine print often includes clauses about obtaining highly personal information, and the advanced technology in today’s cars allows for the collection of such data. The lack of transparency and the burden placed on consumers to protect their privacy highlight the need for federal regulation and greater awareness among drivers.
