Skip to content
Join our Newsletter

John Ducker: Personal data at risk behind the wheel

If you drive an older car there’s not much to worry about in terms of personal data and privacy. But a new model with reams of gadgets and sensors is a different story.
All those screens in your car might be hiding the amount of information your car can glean from you, including data from your smartphone. VIA TNS

My focus is usually about the road and the driving environment we have to contend with every day out there in order to make it home safely. Lately, though, a steady stream of news reports flowing into my inbox have me thinking about a different kind of safety for drivers — your personal information and privacy.

If you drive an out-of-date, though well-maintained, jalopy as I do, there’s not much to worry about. But if you’re in a later-model vehicle, with reams of tech gadgets and sensors — the type that turn your car into being “smart” — you frankly should have some worries.

According to a report released in September 2023 by Mozilla, a free open-source internet browsing search engine dedicated to user privacy, automakers’ data collection practices generally rank somewhere between bad and terrible.

The report points out frankly: “All 25 car brands we researched earned our *Privacy Not Included* warning label — making cars the official worst category of products for privacy that we have ever reviewed.”

Every car brand they looked at collects more personal data than necessary and then uses that information for purposes other than bona fide reasons needed to operate a vehicle or manage the relationship they have with vehicle owners.

The collection of that data is only the beginning. According to Mozilla, 84% of the car brands they researched claim they can and do share personal data with service providers, data brokers and other businesses that Mozilla claims they know little or nothing about.

A detailed review of car makers’ security policies borders on the disturbing. Two far-eastern manufacturers have a data collection category that includes your sex life. Six car companies’ privacy policies claim they can collect your genetic information or genetic characteristics.

Mozilla’s research team spent 600 hours collecting and analyzing policies from practically all major manufacturers — three times the amount they normally devote to a research project. Their conclusions are both startling and depressing.

They were unable to find a “complete picture” of how any manufacturers use or share the data. Remember, this involved three full-time researchers working for 600 hours. “How does the average time-pressed person stand a chance?” the report asks.

In one example, the Mozilla team learned that a Japanese manufacturer’s privacy policy says that even passengers of a car who use the connected services the vehicle offers “consent” to allow that manufacturer to use, and possibly even sell, their personal info simply by getting inside.

I can understand and mostly agree with the use of data in the “black box” scenario — where recorded driving data can provide answers in serious collisions or dangerous driving behaviour. That’s a portal to the truth about driving actions that create a safer driving general environment. Beyond that, particularly without meaningful consent about where our information is going, we should be worried.

The biggest problem at the moment is that there is little recourse for the consumer here. According to the U.S. Electronic Frontier Foundation: “Without a national law that puts privacy first, there is little that most people can do to stop this sort of data sharing. Moreover, the steps [to protect your privacy at the moment] clearly require far too much effort for most people to take.”

The best advice privacy watchdogs are offering around this issue right now is to start with a privacy request to your manufacturer. If enough requests are received, they might start thinking differently about our privacy. Vehicle standards in Canada are federally regulated, so a letter to your MP might also be in order.

To read the full Mozilla report, follow this link:

Glove Box: A reader question came up this week around drivers who veer into the oncoming lane in order to pass a cyclist. This grey area has now been made much more black and white with new motor vehicle rules concerning passing cyclists and other “vulnerable road users.” Effective June 3, 2024, you have to give them a minimum of one meter clearance as you pass them, and 1.5 metres of clearance if the speed limit is greater than 50 km/h. It’s also important to note that you must also maintain a three-metre distance behind vulnerable road users as you follow them. I wrote recently that the crossing of solid lines will be allowed soon under these new rules in order to give vulnerable road users safe distances, but not at the expense of forcing an oncoming vehicle to swerve out of your way — all passing must be done safely. The only solution then is to be patient and remain behind whatever vulnerable road user you’re following until it’s safe to pass them.

[email protected]