In recent years, the automotive industry has championed the growing integration of connectivity technologies in vehicles, offering a wide range of internet-based services, from infotainment to advanced navigation. The connected cars raise significant concerns about the privacy and security of your personal information. And yet, the consulting firm McKinsey predicts that by 2030, 95% of new cars sold globally will be connected.
A recent study conducted by Mozilla Foundation as part of its Privacy Not Included initiative, has revealed that connected vehicles pose a real threat to privacy privacy of users. To develop the report, now publicly available, Mozilla engineers examined the systems offered by 25 car manufacturers. And they found critical issues that deserve a series of insights.
Connected cars: privacy nightmare
The conclusion is that in all cases examined, the car manufacturers are deficient in the protect personal information of their customers. The report highlights, first of all, that the platforms automotive they collect an excessive amount of personal dataincluding details such as users’ driving behavior, facial expression, weight and even ethnicity.
The acquired data is then used for targeted advertising purposes, with some car manufacturers reserving the right to sell this information to third parties. Most car manufacturers (84%) shares or sells data of drivers, while 92% of them do not provide any meaningful control over the management of personal data.
Mozilla also claims that it could not be determined whether the builders use cryptographic measures adequate on the data collected: the company has received only a positive response from Mercedes-Benz.
Among the brands examined, Renault was rated as the best, obtaining a negative evaluation only on one of the five aspects evaluated: use of data, control over collected data, tracking data, security and artificial intelligence. There is a follow Dacia with two negative ratings. Tesla instead it stood out as the worst, obtaining a negative evaluation in all five points. It’s all written down in the Mozilla report.
The results of the Mozilla study are categorical and invite all parties involved to start a serious reflection
Mozilla doesn’t mince words and indicates that the category automotive is to date the worst ever if we talk about lack of privacy protection measures of every single individual.
The privacy issue in connected vehicles is of the utmost importance, as more and more people use these cars and the data collected can allow the creation of profiles extremely accurate on each user. It is imperative that consumers and Regulatory Authority pay more attention to the issue, in order to ensure that users are adequately protected and that car manufacturers take effective measures to ensure the safety and privacy of drivers.
Where does the personal data of users collected on connected cars go
The data economy may be enticing, but it doesn’t have to jeopardize people’s privacy and security, notes Mozilla. The foundation has published an article in which it describes itself in detail where the user data goes collected on their cars.
Mozilla explains that it is very difficult to get a clear view of data streams between vehicles, connected apps, connected services, etc. There are touch sensors and screens that work with a simple swipe of the finger, a wave of the foot or with the voice commands. “The future is now!“, says Mozilla. “But having all those microphones, cameras and sensors sending signals through the car’s computers also means that every time you interact with your car, you contribute to an updated log that tracks what you do. Like when you turn the steering wheel or unlock the doors. Usually all this information is collected and stored by the car manufacturer“.
The foundation notes that other driver and passenger information may be collected automatically. Because while the car waits to respond to a command, the various sensors they are constantly “listening”. “That’s why the automotive industry’s data centers and data brokers can most likely boast of having so much information“, adds Mozilla again. Most drivers are not even aware of the data collection taking place on their cars; let alone if he has the tools to turn it off.
The first responses from car manufacturers
The first answers came from BMW and Mercedes-Benz: both companies say they have not yet examined the Mozilla study. BMW, however, through the mouth of Phil DiIanni, let it be known that the company “does not sell the personal information of the drivers in the vehicle” and which it adopts “comprehensive measures to protect customer data“.
Andrea Berg (Mercedes-Benz) instead stated that the app MercedesMe Connect offers users privacy settings and the ability to opt out of certain services.