Wyden Presses FTC To Crack Down On Rampant Auto Industry Privacy Abuses
from the sell-everything-that-isn't-nailed-down dept
Last year Mozilla released a report showcasing how the auto industry has some of the worst privacy practices of any tech industry in America (no small feat). Massive amounts of driver behavior is collected by your car, and even more is hoovered up from your smartphone every time you connect. This data isn’t secured, often isn’t encrypted, and is sold to a long list of dodgy, unregulated middlemen.
Last March the New York Times revealed that automakers like GM routinely sell access to driver behavior data to insurance companies, which then use that data to justify jacking up your rates. The practice isn’t clearly disclosed to consumers, and has resulted in 11 federal lawsuits in less than a month.
Now Ron Wyden’s office is back with the results of their preliminary investigation into the auto industry, finding that it routinely provides customer data to law enforcement without a warrant without informing consumers. The auto industry, unsurprisingly, couldn’t even be bothered to adhere to a performative, voluntary pledge the whole sector made in 2014 to not do precisely this sort of thing:
“Automakers have not only kept consumers in the dark regarding their actual practices, but multiple companies misled consumers for over a decade by failing to honor the industry’s own voluntary privacy principles. To that end, we urge the FTC to investigate these auto manufacturers’ deceptive claims as well as their harmful data retention practices.”
The auto industry can get away with this because the U.S. remains too corrupt to pass even a baseline privacy law for the internet era. The FTC, which has been left under-staffed, under-funded, and boxed in by decades of relentless lobbying and mindless deregulation, lacks the resources to pursue these kinds of violations at any consistent scale; precisely as corporations like it.
Maybe the FTC will act, maybe it won’t. If it does, it will take two years to get the case together, the financial penalties will be a tiny pittance in relation to the total amount of revenues gleaned from privacy abuses, and the final ruling will be bogged down in another five years of legal wrangling.
This wholesale violation of user privacy has dire, real-world consequences. Wyden’s office has also been taking aim at data brokers who sell abortion clinic visitor location data to right wing activists, who then have turned around to target vulnerable women with health care disinformation. Wireless carrier location data has also been abused by everyone from stalkers to people pretending to be law enforcement.
The cavalier treatment of your auto data poses those same risks, Wyden’s office notes:
“Vehicle location data can reveal intimate details of a person’s life, including for those who seek care across state lines, attend protests, visit mental or behavioral health professionals or seek treatment for substance use disorder.”
Keep in mind this is the same auto industry currently trying to scuttle right to repair reforms under the pretense that they’re just trying to protect consumer privacy (spoiler: they aren’t).
This same story is playing out across a litany of industries. Again, it’s just a matter of time until there’s a privacy scandal so massive and ugly that even our corrupt Congress is shaken from its corrupt apathy, though you’d hate to think what it will have to look like.
Filed Under: automakers, ftc, lina khan, privacy, ron wyden, vehicles, warrant
Comments on “Wyden Presses FTC To Crack Down On Rampant Auto Industry Privacy Abuses”
Have tools, will delete "features"
Finally created an account just to say this is exactly why dug into the wiring diagrams of my Tacoma the day I bought it and forcefully deleted the uplink to the hive mind. Fortunately for me, it was as simple as removing the fuse for the “Data Collector Module”. The irony is that this also broke the microphone for hands-free calling, which tells me the mic is routed through the data collector and immediately justified my decision.
Re: Have tools, will delete "features"
Well, duh!
The only reason a car maker will install a microphone for hands-free calling is for the data collection.
Re: Re:
Actually, the reason for routing the mic for hands-free calling through the data collector is to allow the insurance companies to charge drivers more no matter what they do: put up with it and get dinged for fuel efficient driving, or remove the fuse and get caught by cops either using the phone while driving or trying to find somewhere to pull over in a panic while the phone’s distracting them as it rings near them, exposing them to higher premiums because of the resulting ticket(s).
Re: Re: Re: Re:
Not sure I follow your logic there. Deleting the fuse just means no data to collect. It didn’t change my driving habits at all since I don’t take calls or texts while driving to begin with. Since 99%+ of drivers would never remove that fuse, their driving habits reflect how little the use of that microphone effects their good or poor decisions, and how infrequently they get cited for those decisions.
Would someone please just dox congress so we can get on with getting some actual privacy laws in place?
Include some nice juicy blackmailable stuff if you would, wanna make sure the laws are strong
Re:
It wouldn’t work. Recall that Diane Feinstein was the biggest cheerleader in Congress for warrantless surveillance. But then when she found out that SHE was being surveilled, she had a fit and nothing changed for the regular people.
https://www.techdirt.com/2014/03/11/senator-feinstein-finally-finds-surveillance-to-get-angry-about-when-it-happened-to-her-staffers/
Open Source Cars
When can I have a car with open source software? I’d like to manage my own data privacy, in addition to improving the user interface.
Re: Open Source Cars
If you want it, you’ll have to build it. Personally, I’m (very) slowly working on designing and building something like that but only for myself. Basically, I want to start with a road-legal rail buggy and swap in the drivetrain from a Tesla Model 3 and my entire infotainment system can be a single-DIN JVC head-unit from Walmart.
Any intention of producing an opensource vehicle for the masses will inevitably get bogged down in all of the things that every other automotive startup stumbles into, plus the added difficulty of finding investors that won’t avoid opensource like it’s the financial plague. I would love for somebody to do it, but until somebody with billions to burn on pure philanthropy and a soft spot for cars it’s not going to happen unless you build it yourself.