New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.
Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.
But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.
A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.
This analysis uncovered concerning practices. There are enormous obstacles for consumers who want to find and understand the privacy terms. Some brands also make inaccurate claims that certain information is not “personal information”, implying the Privacy Act doesn’t apply to that data.
Some companies are also repurposing personal information for “marketing” or “research”, and sharing data with third parties.
If this data is misusedWhen this data is misused
So how can I disconnect my car from the internet?
In general, don’t allow it to connect to wifi. As for specific makes/models that might have their own uplink, look into disconnecting antennas.
This is why I’ll own older cars for the rest of my life.
It shouldnt just be called a privacy risk. Its a safety risk because it enables stalking with little to zero effort on the stalkers side.
Please describe this zero-to-little effort attack chain.
You go to a data broker that sells “anonymized” location data and give them money and a region of interest. Done.
Yup. Police do that, and I’m guessing it wouldn’t be too hard if you’re persistent (claim to be a private investigator or something).
Found it (In german but we have translators these days…) https://netzpolitik.org/2024/databroker-files-firma-verschleudert-36-milliarden-standorte-von-menschen-in-deutschland/
This is about phone location data, but i dont see any reason why cars would be any different, they create less privacy sensitive data than phones in a way.
The people that wrote this article actually got a huge amount of slightly older data for free just as a sample. But this is the scale these data brokers operate at:
The data itself comes from the US company Datastream Group. It offers such location data on a monthly subscription basis. According to the offer, it comes from up to 163 countries and is updated hourly.
You can buy huge amounts of location data for anyone anywhere that uses a standard google or apple phone. Im not sure if you even need to have some random app, like socials or anything with ads in it, installed that leaks this data or if its just google and apple themselves that sell it. All you need is a single identifying point of confirmed time+location for your target and then you can reconstruct their entire movement from that.
This has very obvious and less obvious horrible implications. Things like tracking victims of abuse, finding out peoples home address after meeting them once, tracking military personnel movement, tracking people going to sex related locations, prisons, abortion clinics, endless potential for abuse.
Awesome!
The difference, though, is I can turn off my phone if I want to, but I can’t really turn off the car tracking unless I tear apart the car to remove the antenna (or at least the power). Some cars make it easy in the fuse box, but others make it a PIA.
I’m planning to switch to a VOIP number and only use my SIM for data and SMS 2FA. Then I can turn off/remove the SIM as needed. Once I don’t need SMS anymore, I can get a data only SIM and hopefully hide among the various iPads and smart watches.
I wish I could trust my carrier, but articles like the one you mentioned remind me that I really can’t.
My cars are not modern enough for that, but I always carry a surveillance device in my pocket to make up for it.
Anything of note that Mozilla didn’t already cover? https://foundation.mozilla.org/en/blog/privacy-nightmare-on-wheels-every-car-brand-reviewed-by-mozilla-including-ford-volkswagen-and-toyota-flunks-privacy-test/
You gotta love that there are benchmark for that… The company that can’t even get free, right.
I really like their Amazon reviews thing that they bought… I bet the shady dude that had all the fucking people finder sites was in charge of that cause it’s got the same kind of fucking cheesy-graphic-load-screen… basically, the only functional piece of software they had at that point cause they hadn’t touched it, and then they went an AIed it up…
Here’s a new idea, why doesn’t everybody in the fediverse post their favorite privacy enhanced Firefox rebrand:
I’m really confused by your comment and it seems like you’re assuming everyone knows what you’re talking about already. Could you provide some context?
What about “Free” are they getting wrong? (I’m assuming you’re talking about Mozilla here?).
What Amazon reviews thing? Who was this “shady dude”, what did he do that was so “shady”, and how does that relate to Some Amazon review thing if you’re not even sure that he was behind it to begin with?
What does “Aled it up” mean?
Sorry… busy day and I’m going to need a real computer for this 😅
RE Free… nothing really, just being bitter. I’m not a huge fan of a lot of the little tie-ins like Pocket, but I respect the hustle… if not the business plan.
The Amazon review thing they bought is Fakespot™, check it out if you shop on Amazon. Here the Ai nonsense is just some summaries of the reviews it digested… not inherently bad, but the whole experience is painfully slow. Still. Well worth checking out if you haven’t.
Shady dude gets a 📌 for now. Sorry. Time.
If you check out Fakespot you can’t miss it. Have yet to try the browser integration, although I have enabled it for some reason…  
I dislike the way you type.
The Amazon reviews thing I assume is referring to Fakespot, which Mozilla bought some time ago.
But I’m confused about their “AI’ed it up” comment because from the very beginning Fakespot was using ML to determine the tone of reviews and whether or not they were lying about the product/paid reviews by the seller.
Just griping a bit about what’s probably more of a design/branding change than anything.
I think fakespot is promising tech that we desperately need more of.
Can’t hurt to have it in their hands, hope to see more server resources ;-)
No shit.
My next vehicle is going to be fully mechanical with a carburetor and no computerized bullshit.
Just get an early OBD 2 car with no internet access and you are good or get an EFI kit for an old car as well. Carbs suck.
a well tuned carb will outperform an EFI system
for about two hours. 🤣
EFI is dynamic and adjusts the system as needed. However, a carb can be fixed with almost anything. I have a feeling that some of the older parts for EFI vehicles will be bought by major manufacturers and trashed/over priced to improve new vehicle sales and long term data collection goals. almost exactly how GM parts are today.
deleted by creator
Fortunately we don’t?
Modern cars have been privacy invading for a while. Goes back to the ownership torch thing again. Tesla can disable your car if they want. Why pay so much up front if you’re not in control? Old vehicles are the way to go.
How would you even know about any of this stuff? I am not fortunate enough to afford a new vehicle but I imagine when you’re at the dealer they’re not like “so these cameras will watch you all the time… For safety and security, of course…”
Great. Now I can’t jerk off in my car anymore!
Or maybe this is the perfect opportunity to stick it to The Man and jack off even more, exclusively in your car! Maybe get into some really freaky stuff, give’em a proper show!
Ooh, beads and whatnot sound fun.
Expulsion of an enema all over the camera would be tempting if it weren’t such a mess to clean up. Maybe in a rental…
Trash bags. The solution to any problem is more trash bags!
I feel like towels would be much more practical. Just cover the stuff that’s hard to clean and you won’t need to worry about runoff.
Heeey, that works! Maybe a mix of both, I’m still worried about contact stains in the case of a… hefty expulsion:-?
On the towels? Just use older towels, NBD.
Or do you mean from liquids bleeding through? I guess you could use them as a barrier, or just add more towels.
