Driving Under Surveillance: Your Car’s Silent Betrayal
Previously, we discussed the fact that your mobile phone vendors are providing your location information (and more) to data brokers who, in turn, sell that information to advertisers. I have some alarming news for you, that is not the only way that you are being surveilled by today’s technology. Basically, if your device has a connection to the internet, there’s probably a way to spy on you whether that device is a phone, tablet, baby monitor, or your car.
In the United States, your privacy is NOT protected. There is no settled law on what is or is not allowed to be collected from you electronically. Although law enforcement cannot collect the information without a warrant, they can purchase the information that is in the public domain. Almost all End User License Agreements (EULA) that are required before using your digital applications (like a browser), have a stipulation that you allow them to collect and even sell your data. This is all legal and very lucrative in the U.S.
Unlike the U.S., the European Union (EU) has a law that protects the privacy of their citizens called the General Data Protection Regulation (GDPR). This law dictates that the personal data should only be stored as long as necessary with safe and secure processing. Two of the key rights included in the GDPR are: 1. The right to know what data is being collected and how it is used. 2. The right to have your data deleted from the databases.
Previously we discussed how the applications on your devices gather your data and sell that to data brokers who sell advertisements. Do you realize that your car may be gathering data about you? In a typical new car these days, data can be gathered from your navigation system, Bluetooth, the Tire Pressure Monitoring System, cameras, and your infotainment system. Anyone can put a radio receiver at travel choke points and follow specific cars as they travel around.
Did you know that car companies, like Kia, Nissan, GM, and many more, glean personal information about drivers after they pair their smartphones with a vehicle’s connected services? They can take that information and sell it to vendors and insurance companies. You don’t have to sign up to be tracked by GPS by your insurance company for them to know your driving habits. Just last week someone relayed a story about their friend whose insurance company cancelled his insurance through data the insurance company bought from the vendor. The company claimed that driver accelerated too fast and broke too hard for them to continue to insure him. They do not need to ask you how you drive; the insurance companies already know.
LexisNexis Risk Solutions and Verisk are consumer reporting agencies that use driver data to create a risk score that they share with insurance companies. A report can show a driver’s individual journeys, showing information like trip durations, distances, instances of speeding or abrupt driving maneuvers. If you have OnStar in your car, you likely consented to sharing this data when you bought the car perhaps without realizing it. There are multiple class action lawsuits against GM, OnStar and LexisNexis ongoing at the time of this writing claiming that their data was collected and used against them without their consent.
If you are curious to see what data is being collected from LexisNexis, you can go to their website and request a report at https://consumer.risk.lexisnexis.com/request. Your auto makers all have similar request forms. Some states (not Arizona) have laws allowing consumers to opt out of having their information sold to third-parties.
This is just the tip of the iceberg with respect to how you are being tracked on the internet. We can cover more in later articles. If you would like your data protected similar to what the EU does with the GDPR for their citizens, contact your state and federal representatives.