New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.

Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.

But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.

A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.

  • ThermonuclearCactus@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    4 days ago

    I mean if you’re mechanically talented enough and sufficiently motivated, you could probably rip out the digital controls and replace them with mechanical analogs, getting rid of the computer entirely. Extremely difficult, but probably doable if you know what you’re doing.

    That aside, we shouldn’t have to do that to get out of being spied on.

    • archomrade [he/him]@midwest.social
      link
      fedilink
      English
      arrow-up
      10
      ·
      4 days ago

      The more we electrify our cars, the less feasible this is.

      Decoding and sending messages to mechanical systems over the CANBUS is one thing (still difficult, but possible), but taking control over system software is another. In the us, consumers are supposed to have the right to repair their personal vehicles, but a lot of that law was established back when you could do work on a vehicle without having access to digitally protected copyright. We might have a right to repair, but that’s starting to clash against their copyrights over their IP and software controls.

      And that’s not even getting into their eagerness to utilize subscription models - would a court side with a consumer if they decided they wanted to circumvent DRM controls over subscription-controlled car features (a car that they own outright)? It’s unclear to me that right to repair or consumer protections have been written in a way to accommodate those conflicts… Especially when cars are subject to far higher safety regulations than computers - a manufacturer could argue that they need to prevent consumers from tampering with their software systems for their own safety.

      If you still own a ‘dumb’ car without one of these systems, it’s really not a bad idea to hold onto them for as long as possible. You can always upgrade them if you want to - some people have even replaced ICE transmissions with electric ones. But once you own one of these cars with software-controlled systems, it’s far harder to strip them out. Especially once they start requiring cellular connection to operate or function (or require connections to privately-owned satellite constellations…)