Car Privacy is Horrid

Modern cars are chock full of sensors and connected to the internet via built-in cellular modems. That’s a recipe for massive data collection. Last September, Mozilla’s Privacy Not Included team released a blockbuster report how much data our cars were gathering and it was absolutely staggering. According to the hard-to-find privacy policies, your car can collect extremely personal information including precise location, contact lists from your phone, call and message data, and – believe it or not – even “sexual activity”. Today, I’ll walk through this report and its implications with the head of Mozilla’s Privacy Not Included project, Jen Caltrider.

Interview Notes

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:02:39: What were some top finding from your car privacy report?
  • 0:05:14: Which cars did you review and how did you evaluate them?
  • 0:09:44: How was I notified and how did I consent to my car’s privacy policy?
  • 0:10:39: What are cars tracking? Are electric cars any worse than gas cars?
  • 0:13:55: What third party data mining is going on in my car?
  • 0:20:41: Is there a way to opt out of data sharing?
  • 0:24:10: Is less data collected in Europe?
  • 0:26:02: Where is all my data stored? Locally, in the cloud, or both?
  • 0:28:52: Is the data at least secured?
  • 0:29:48: Can dealerships access my data? What about law enforcement?
  • 0:32:28: What about rental or fleet cars? What about passengers?
  • 0:37:24: Do car dealers disclose this data collection to shoppers?
  • 0:39:11: What are some of the security problems with this data collection?
  • 0:45:55: How did car makers and legislators respond to your report?
  • 0:48:36: Do modern privacy laws cover auto data?
  • 0:50:48: So what can we do about this today?
  • 0:54:30: What will Privacy Not Included tackle next?
  • 0:58:40: Wrap-up