Major automakers are failing at privacy because cars collect substantial personal data on drivers that can frequently be sold or shared, according to a new analysis from the Mozilla Foundation.
Every major car company examined by researchers received a privacy warning label in the Mozilla Foundation’s latest “Privacy Not Included” study released Wednesday.
“Car makers have been bragging about their cars being ‘computers on wheels’ for years to promote their advanced features,” the researchers wrote. “However, the conversation about what driving a computer means for its occupants’ privacy hasn’t really caught up.”
All 25 car companies examined by the Mozilla Foundation collect “more personal data than necessary” and use it “for a reason other than to operate your vehicle and manage their relationship with you,” according to the study.
Carmakers can collect “super intimate information” about drivers in “huge quantities,” researchers said. Nissan and Kia note in their privacy policies that they can collect information about drivers’ “sexual activity” or “sex life,” while six of the companies in the study say they can collect “genetic information” or “genetic characteristics.”
Twenty-one of the car brands say they can share drivers’ personal data with service providers, data brokers and other businesses, while 19 say they can sell personal data and 14 say they can share information with the government or law enforcement agencies in response to a request.
Renault and Dacia, which are owned by the same company, are the only two brands in the study that give drivers the option to have their personal data deleted.
“It’s probably no coincidence though that these cars are only available in Europe — which is protected by the robust General Data Protection Regulation (GDPR) privacy law,” researchers wrote. “In other words: car brands often do whatever they can legally get away with to your personal data.”
The Mozilla Foundation also could not confirm whether any of the companies encrypt the personal information they collect, which researchers noted “might explain their frankly embarrassing security and privacy track records.”
Seventeen of the companies received a “bad track record” mark from the Mozilla Foundation for leaks, hacks and breaches.
Given the poor privacy practices across the board, the study noted that consumers have limited ability to make choices to protect their privacy when it comes to cars.
“People don’t comparison-shop for cars based on privacy. And they shouldn’t be expected to,” researchers said, adding, “Even if you did have the funds and the resources to comparison shop for your car based on privacy, you wouldn’t find much of a difference. Because according to our research, they are all bad!”
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.