Toronto, Ontario — Automakers bring the spy to spyware in a recent Mozilla survey showing that most major manufacturers admit they may be selling drivers’ personal information.
Mozilla–a not for profit foundation that promotes open-source, public interest technologies and maintains the Firefox browser–reviewed 25 major automotive brands in Europe and North America and found that not one of them met Mozilla’s security standards.
For context, of the brands reviewed, 50 percent claimed that they would share drivers’ personal information with the government or law enforcement without a court order, and 76 percent shared that they would sell drivers’ personal data to third party sources.
This is in comparison with other private data collecting devices such as fitness trackers, reproductive health apps, smart speakers and other smart home devices, all of which outperform cars in terms of individual privacy.
With the increase of technology in vehicles, they are quickly becoming primed for data collection, and although privacy policies do exist, many vehicle brands continue to spy under the radar.
According to Mozilla Foundation researchers: “[cars] can collect personal information from how you interact with your car, the connected services you use in your car, the car’s app (which provides a gateway to information on your phone), and can gather even more information about you from third party sources like Sirius XM or Google Maps.”
With the data collected, car brands can come to know anything from a driver’s medical information, genetic information, a driver’s taste in cultural categories such as music taste, and even intimate details about a driver’s personal relationships.
Of the car brands reviewed, Tesla and Subaru came last on Mozilla’s list, with the foundation citing Tesla’s A.I. features as a major security concern, and Subaru being dinged for its lack of transparency regarding the boundaries of user consent.
Notably, for Subaru, Mozilla noted that their privacy policy says that even passengers of a car that use connected services have “consented” to allow Subaru to use — and maybe even sell — their personal information just by being inside the vehicle with the driver.
However, Mozilla stresses that there are steps that can be taken to protect personal data and these include avoiding or limiting the use of car applications and providing access to personal devices.
Ultimately, until better user security policies are put in place, vehicles will unfortunately remain more than a little buggy.
