Skip to main content

Modern cars have worst user data privacy practices


According to a report released by the Mozilla Foundation, cars have emerged as the most egregious offenders in terms of user privacy practices. Out of all the product categories assessed, cars received the dubious distinction of being the "official worst" for privacy. The global nonprofit discovered that a staggering 92 percent of the evaluated automakers afford drivers scant control over their personal data, with 84 percent sharing this information with external entities.

Renowned for its open-source Firefox web browser, the Mozilla Foundation is committed to safeguarding the health of the internet. Their "Privacy Not Included" series has produced various reports and guides that scrutinize how products and services, ranging from mental health apps to app stores, handle user data, offering recommendations for enhanced protection.

A visual representation featuring a car and a startled emoji underscores that all 25 cars examined by Mozilla fell short of the organization's privacy standards. Kia and Nissan garnered special attention for incorporating intimate details, including sexual activity, into their data collection practices.

All 25 car brands scrutinized in the report, including Ford, Toyota, Volkswagen, BMW, and Tesla, failed to meet the nonprofit's basic privacy criteria. They were found to amass more personal data from customers than necessary. The gathered information encompasses everything from medical records to driving habits, like speed, routes taken, and even musical preferences. Notably, Nissan and Kia permit the collection of details about a user's intimate life. In contrast, Mozilla asserts that 37 percent of mental health apps, which also have a questionable track record in data privacy, exhibit better practices in collecting and utilizing personal information.

The report also reveals that 84 percent of the examined car brands freely share personal user data with service providers, data brokers, and potentially dubious entities. Additionally, 76 percent assert the right to sell this personal data, while 56 percent are amenable to sharing user information with government agencies and law enforcement upon request.

Tesla ranked at the bottom in the study, receiving negative marks in every privacy category, a distinction shared by only one other brand. The report singled out Tesla's AI-powered autopilot as "unreliable," citing its involvement in numerous accidents and fatalities.

Mozilla's findings expose that several car companies gather sensitive user information, including photos, immigration status, and even intimate details about their sex life.

In conjunction with the report, Mozilla has also published an analysis elucidating how car companies collect and disseminate user data. This encompasses a range of information, from basic contact details like names, addresses, phone numbers, and email addresses, to more personal data such as photos, calendar entries, and even specifics about the driver's ethnicity, genetic makeup, and immigration status.

Mozilla further asserts that it could not ascertain whether any of the automakers met the organization's minimal security standards for data encryption and safeguarding against theft. Curiously, dating apps and even adult toys often furnish more comprehensive security information about their products compared to cars.

In their report, Mozilla remarks, "While we fretted about internet-connected doorbells and watches potentially invading our privacy, car manufacturers surreptitiously entered the data industry by transforming their vehicles into formidable data-guzzling machines."

The Mozilla Foundation asserts that it dedicated over 600 hours to researching the privacy practices of car brands, three times longer per product than their usual privacy assessments. The report was so scathing that the organization contended that its customary advice for protecting personal data feels like "small drops in a vast bucket." Consequently, the Mozilla Foundation has initiated a petition urging car companies to cease their data collection programs, arguing that they unjustly benefit from these practices, with the hope that heightened awareness will prompt greater accountability for these companies' abysmal privacy practices.

Popular posts from this blog

Signal Introduces Usernames for Encrypted Messaging: A Secure Way to Connect

Signal, the encrypted messaging service, is launching a new feature in the coming weeks: support for usernames. This beta feature allows users to establish unique usernames, enabling connections without divulging phone numbers. source: Signal Blog To create a username, navigate to your settings and select "Profile." Once you've chosen a unique username, generate a QR code or link to share with others. Recipients can connect by entering your username into the chat bar. Usernames can be changed at any time, though previous usernames may be claimed by others. Signal began testing usernames last fall. Unlike social media platforms, Signal usernames do not serve as logins or public handles. They offer a discreet means of communication without revealing personal phone numbers. While a phone number is required to register for Signal, sharing it is optional. Usernames remain private and do not appear on profiles or in chats unless shared explicitly. As Randall Sarafa, Signal'

Safeguarding Internet Privacy: Supreme Court of Canada Upholds Protection of IP Addresses

In a recent ruling, the Supreme Court of Canada affirmed the significance of privacy rights concerning internet addresses. The court declared that police cannot simply obtain a suspect’s IP address without a court order, emphasizing the expectation of privacy that Canadian residents hold for such information. The court's decision stemmed from a case in 2017 involving Calgary police investigating fraudulent online activities at a liquor store. Initially, police demanded IP addresses from a credit card processor, which eventually led to obtaining subscriber information from Telus. This information was pivotal in making arrests and securing convictions in multiple offenses. Despite previous convictions, the accused contested the legality of obtaining IP addresses without proper authorization. The Supreme Court, in a 5-4 decision, asserted that IP addresses carry a reasonable expectation of privacy, necessitating judicial approval before access. The ruling emphasizes that obtaining jud

AT&T Resets Millions of Customer Passcodes After Data Leak: What You Need to Know

AT&T recently confirmed a significant data breach affecting over 7.6 million current customers and 65 million former customers. The leaked information, which dates back to 2019 or earlier, includes personal details like names, addresses, phone numbers, and social security numbers. Fortunately, financial information and call history were not compromised. In response to the breach, AT&T has reset passcodes for affected customers. Passcodes, usually four-digit numbers, serve as an additional layer of security when accessing accounts. However, security experts warn that the encrypted passcodes leaked alongside customer information could be easily deciphered, posing a risk of unauthorized account access. Affected customers are advised to set up free fraud alerts with major credit bureaus and remain vigilant for any suspicious activity related to their accounts. AT&T is proactively reaching out to impacted customers via email or letter to inform them about the breach and the meas