Most people would be shocked at the amount of information that is gathered and transmitted from cars that we drive around every day. There have already been stories about Tesla employees inappropriately viewing and sharing intimate videos that were recorded without users knowing or consenting. This is obviously an extreme case, but there are constantly huge amounts of data being sent from any modern car.
Cars measure and transmit things like your location, location history, all sorts of telemetry about how you are driving, when the brakes are applied and how hard, seat position, HVAC usage information, information about the media you are playing, and for driver and passenger seats in almost every car (and in some cars all the seats) they even transmit things like the weight of the person sitting in there. We know that companies like Tesla are constantly streaming all of the cameras back to Tesla, but most cars have many cameras now, and it’s never clear what they are doing with that data.
They probably (hopefully) do a rudimentary pass at “anonymizing” the data, however, anyone who knows how that has gone on the web knows that any one of those pieces of data could easily be aggregated with other things to pinpoint exactly who it belongs to.
It’s not hard to imagine a scenario where this massive amount of data is kept by car companies and is compromised by a malicious actor, and used to significantly enrich other compromised data, allowing for impersonation or even extremely targeted phishing campaigns.
Possibly less obvious, but arguably just as upsetting, there’s nothing stopping these car companies from selling all that data to other data aggregators who can then sell it to law enforcement, social media apps, online advertisers, or really anyone who wants to pay for the data. Coupled with all the other data that is collected about you, they can add to their ever-growing live feed of exactly what you are doing any time. Hell, why not sell that info to your insurance company so they can comb through your data and find any nit-picky reason they want to either charge you more for your insurance, or deny any claims they feel like?
The Record asks if it’s time to regulate this industry - As cars hoover up more and more driver data, is it time to regulate the industry?
I would say it’s far past time to do so. As it stands, they don’t have to tell you what they are collecting about you. You also have no say in it. There’s no way to “opt out” of this, other than buy a car from before all this telemetry was being collected, which is not a real solution.
On another level, I feel like if we are the people generating valuable data, we should get something out of it. This is a pipe dream and half meant as a joke, but it is messed up that there are multi-billion dollar companies that make ALL their money off of surveillance on all of us (There are several good books and articles about “Surveillance Capitalism” out there that I recommend reading), yet we are the ones creating the value. They want us to feel like we are the customer, but we’re the product, and we aren’t compensated at all for that “privilege.”
More than anything it is far past time for strict laws giving people more control over their own privacy, and choice over how OUR data is being used. I don’t really believe that we should be paid to allow surveillance. That leads to a bad place, but it is meant as an illustration of the bigger problem of data. We need it codified that it is even OUR data (which right now it kind of… isn’t.), and then we need laws in place allowing us to choose how that is or more importantly isn’t being used.