Car brands are 'privacy nightmares on wheels' by collecting and potentially selling driver's data
PA
None of the brands included in the study met the minimum security standards
All 25 major car brands tested in a new study were found to have received failing marks for consumer privacy.
Popular brands like BMW, Ford, Toyota, Tesla, Kia and Subaru are able to collect deeply personal data, according to research from Mozilla.
The data claims that these car brands can collect information such as sexual activity, immigration status, race, weight and genetic information.
This is in addition to more obvious pieces of data, like the places where people most often visit including work and home.
All 25 car brands tested were found to have failed privacy standards
PEXELS
Researchers found that data is being gathered via sensors, microphones, cameras and any connected devices like phones.
With a growing number of people having an app associated with their car, the brands can also get data from the company website and vehicle telematics.
Mozilla warned that these car manufacturers can then share or sell the data to third parties or take the data to make the car more personalised to the driver.
The research, which is part of Mozilla’s *Privacy Not Included report, found that none of the 25 car brands identified met the minimum security standards.
Jen Caltrider, programme director of *PNI, said: “Many people think of their car as a private space — somewhere to call your doctor, have a personal conversation with your kid on the way to school, cry your eyes out over a break-up, or drive places you might not want the world to know about.
“But that perception no longer matches reality. All new cars today are privacy nightmares on wheels that collect huge amounts of personal information."
According to the research, Nissan was the worst offender, with the car manufacturer “admitting” in its privacy policy that it collects a wide range of information, but does not specify how.
Other top offenders include Volkswagen which collects demographic data and driving behaviours for targeted marketing, as well as Toyota which has 12 privacy policy documents that have been described as “near-incomprehensible”.
Renault was found to be the least problematic, with the brand having to comply with the General Data Protection Regulation (GDPR).
Misha Rykov, *PNI researcher, said: “This isn’t the first time Mozilla has uncovered an industry with terrible privacy practices.
“But cars are unique — their privacy flaws impact not just the driver, but also passengers and sometimes even nearby pedestrians. They can hear you, see you, and track you.
“Today, sitting in someone’s car is a lot like handing your phone over to the auto manufacturer.”
LATEST DEVELOPMENTS:
Renault must comply with GDPR standards
PA
Analysts have suggested that by 2030, car data monetisation could be an industry worth $750billion or £597billion.