In this episode of No Driving Gloves, John explores the topic of car privacy and how our vehicles can track us. He refers to a report by the Mozilla Foundation that claims modern cars are a privacy nightmare, labeling them as the worst product for privacy. John finds the report terrifying, considering the level of surveillance we already experience with our electronic devices. It brings back memories of a song lyric from the 1980s - I always feel like somebody's watching me There ain't no privacy.
00:00 John Derek isn't back from Detroit. Hopefully we'll get a report from him in a week or two. So you've just got John today. And I really, really thought about diving into the UAW strike and discussing that and automotive strikes. But we try to avoid politics on No Driving Gloves. And I really thought we'd get in a lot of trouble, especially when you have a one-sided view. So we've got another special topic for you. Be very, very quiet because it's private.
00:33 announcer Gloves are welcome driving. From exotic to hot rods to I'll get to some that takes spirits, knowledge, and controversy all right in the same city. Buckle up and hang on for the ride. Now for your driving gloves. John Fibiani.
00:48 John Hey, you've got me back. We're going to dive into, we touched on it a few episodes ago a little bit about car privacy and how your car can track you. And this is really, you know, I touched on it, like I said, a few weeks ago, and it, your car watches you, but a report came out from the Mozilla Foundation. And to sum it up, they said modern cars are a privacy nightmare. And not only that, the headline of their article, it's official. Cars are the worst product category we have ever reviewed for privacy. This article came out on September 6, 2023, was written by Jen Kalti Reiter, Misha Rykov, and Zoe McDonald. And I'm going to try to reach out and maybe get one of these people on the show as a guest, but their report is almost downright terrifying. I mean, we worry about our electronic devices, our A devices, our Google Home devices, our lady in the phone. I'm trying not to use any of the keywords to activate this stuff while you're listening. But you know what I mean. All this stuff watches us. I listened to a tech show and the host had commented that Vizio TVs, they only profited something like, I want to say, four million, four billion, I think it's four million dollars off the actual selling of TVs. They profited $46 million off the data the TV collected from your viewing habits, from, I don't know, potential microphones in it, to cameras, to... But just the data that Vizio was able to resell was over 10 times the amount of revenue they got from actually selling the product. You wonder why Vizio TVs are so cheap. It's because they don't care. They're giving you the TV in order to get the information. All they do is cover their costs. And it's kind of looking like, I mean, automakers are looking for any way they can improve those bottom lines. And that would go back to the strike, et cetera, et cetera. But we're not even going to get into that. You know, I'm trying to avoid some discussion about the strike, but The world, this 21st century we live in, the most valuable thing is personal information. There is an unwritten rule that when you go get a free product, you get a game for free on your phone. You subscribe to something and it gives you a benefit. And you think, oh, this is great. This is great. I got this for free. No, you're the product. You are paying for that by providing Whatever information is not known to you. And according to this report from the Mozilla Foundation, privacy not included, is the website, cars have been, like they said, the absolute worst thing they've attested. I heard somebody say the other day he got into a Tesla, rode in a Tesla, and it's a rolling iPad. All an iPad does is collect data about you. It's always listening. You know, we'll talk about you open up your phone, you open up your social media, a pop up ad will come up on whatever website you're on. And surprise, it's something that you were thinking about that you want. Or it's something you weren't even thinking about. And you go, hey, this could be something I want because all of these algorithms, all of these things. are compiling that and your cars no better. And the manufacturers are the automotive manufacturers are taking advantage of this, too. I mean, BMW just this week announced that they weren't going to start charging for heated seats. And we all know my feeling on vehicle subscriptions. Build a car with absolutely everything you can on it. And if you want to charge me a monthly fee, charge me a monthly fee. If I want to use it, I'll pay the monthly fee unless I bought the car. When I when I bought the car brand new, it has all these features. And I check heated seats and massage seats and heads up display and all these things that are built into the car. And I pay a fee. I pay a one time fee when I bought the car. Those pieces stay active for as long as I own the car. When I trade it, all of those features get turned off. And then when the next dealership sells it, He's there selling it dead base. And then if I buy it used and I want heated seats, I can then add, you know, contact said manufacturer and say, turn the heated seats on. Here's $175, blah, blah, blah. Instead of paying for it when I buy the car, you know, if I live in Florida, I don't want heated seats. So it makes no sense for me to pay and upcharge for heated seats on a new car or a used car, because, you know, you go to NADA and you check off my car's got this, my car's got this, my car's got this, my car's... No. Once set value, boom. It doesn't matter what options are on the car, you know, other than physical items, wheels, tires, ground effects kits, aero packages, color, you know, window tint, leather interior, cloth interior. Those can affect value. Those can't be changed. But all this electronic stuff, over the air updates, that's charge for it. I digress, as I do quite often no driving gloves, you feel free to check out all of our back episodes at no drive calm. But going back to, you know, our smartwatches, our doorbells, everything's watching you, not even your doorbell, even if you don't have a. doorbell, your neighbor's smart doorbell is watching you. And all of that information, if you really research, all that information is available for purchase. All that information is available to law enforcement aid. They tested 25 car brand on this, and all of them received their privacy not included warning label. And that made it, like I said, the worst category for their testing. There's kind of five criteria and actually one car manufacturer received all five privacy security risks. And it's the only item they've ever tested that's received all five. They determined all 25 brands. We'll cover the brands a little bit later. They collect too much personal data. Let's see here. I said, you know, I'm kind of summarizing this article, not going to read it to you, but that's right. Every car brand they looked at collects more personal data than necessary and uses that information for a reason other than to operate your vehicle and manage their relationship. They said context, 63 percent of the mental health apps, another product category that stinks at privacy. Only 63% of the mental health apps receive that, as they call it, ding. 100% of 25 different car brands. And that's pretty much the big stack in the world receive this day. And they have so many data collecting opportunity. When you connect your phone, they download everything on your phone. So everything your phone knows, the car now knows. Where you drive, the car knows. How fast you drive, the car knows. How hard you stop, the car knows. It probably knows whether or not you signal lane changes. If you have a vehicle that's connected enough with cameras, it probably knows every red light you run, every evasive maneuver, every parking spot you park over the line. If you use or the navigation on your phone or built into the car. It's tracking everywhere you go and it has that information. If you use satellite radio, it's a whole other category I have issues with. You shouldn't use satellite radio in John's humble opinion. But if you use satellite radio, it knows, again, all of your entertainment preferences. If you plug your phone in and you use your playlist with your downloaded music, it knows your music style. If you play your podcasts through your car stereo, it knows the algorithms on those podcasts and it knows what your interests are. It knows your car knows if you're a woodworker, a knitter, a crocheter paper mache artist if you're listening to you know sexually explicit podcast your car knows it knows that somehow it'll even get generic information and your car even knows your sex life really say how it knows but you know Maybe if you're doing a dating app, it knows if you're looking for men seeking men, women seeking women, men seeking women, men seeking, you know, if you probably surf adult oriented websites, your car is going to know it because it's downloading the information that's on your phone. Does your car need to know all of that? Obviously not. It needs to know some basic things. Their second criteria, do they sell your data? Eighty four percent of these companies sell your data. Like I said, got to figure out where the money's coming from. Well, they say they can sell your data. They don't necessarily do sell your data, but they have the availability to sell your data. And this is any of their service providers, brokers, insurance companies, you know, they can they might not attach your name to it, but they're going to say 88 percent of Mustang drivers have a tendency to exceed the speed limit by 18% in given situations. Or if you are a Corvette owner, you have a tendency to accelerate from a stoplight, you know, harder than 73% of other car owners. That information is gathered by the insurance companies. It's now no longer how many accidents is the car read, how many tickets. They were able to get a whole profile on the car itself, not necessarily your car, but if you buy that model, they'll have a whole profile on how that car is driven by the average owner. and that was sharing, 76% say they can sell it. 56% their terms of service say they can share your information with a government or law enforcement agency upon request. Not a court order, but if the police department says, hey, we're looking for a white Taurus, Oh, we got to probably use something more current. We're looking for a white Hyundai Elantra that was in this vicinity on this day. In theory, Hyundai could provide that information. Well, here's all our white Hyundai Elantras that were operated in this municipality on such and such a day. They can also request, hey, we think Joe Bob was driving erratically before this accident. Our conditions prove it or lead us to say that. Here's the VIN number. Can you give us the driving dynamics for this vehicle on Tuesday, October 48th, you know, 2023? Made up date, obviously. But they just honor our request. you know, you know, at least Apple kind of guards you and they really fight about giving out your passcode. California's Consumer Privacy Act says you cannot give out very, very personal, specific data, but you can put data that's not directly linked, but is just compiled. You can share that with, you know, data centers, et cetera. The third criteria is 92% of the companies here out of the 25 brands, all but two, they basically give you no control over your data. Renault and Dacia, which are actually owned by the same company, which if I'm correct, might be somehow partnership with Nissan, say that all drivers have their right to have their personal data deleted. And the reason Mozilla theorizes that those two might be an exception, they're not sold in the United States. And in Europe, there are much stronger laws protecting your privacy than their General Data Protection Regulation, their GDPR Privacy Act. That's why you get all these pop-ups now on your websites that say, hey, we're collecting cookies. Do you want to select your cookies and all that? That's all part of the GDPR. But a lot of these other manufacturers sell everywhere. So maybe, maybe the cars they sell you in Europe, you can have your data deleted. But if they're sold to you in the United States, Eh, too bad. Can't have it deleted. Their number four criteria is their minimum security standards. They couldn't confirm if any of them actually meet it. They said, you know, they went through all the terms and services of all the manufacturers and they said Toyota wins. They actually have 12 different documents on how privacy is handled with their vehicles. They couldn't track how easily hackable these vehicles are, how easily accessible this data really is. Nobody really, according to them, answered their questions. They did say Mercedes, Honda and Ford technically. didn't completely answer the basic security questions. Nobody else responded to this. But again, your car is just compiling and compiling information. Those are kind of the big things I'm only going to cover. Well, you've got Renault and Dacia, which are European, and those both fail for they don't tell you how the data is used or security. This is where we're going to go through the list of things. And the five criteria are data use, data control, how the records are tracked, their security, and AI, artificial intelligent operation. BMW fails on data use, data control, Subaru, Fiat, Jeep, Chrysler, Dodge, all fail on those same criteria, data use, data control, and security. Now we jump into the people. These manufacturers fail on four of the five, data use, data control, tracking of records, and security. And those manufacturers will be VW, Toyota, Lexus, Ford, Lincoln, Audi, Mercedes, Honda, Acura, Kia, Chevrolet, Buick, GMC, Cadillac, Hyundai, Nissan. So that is 1, 3, 6, 7. I lost count. It'd probably be easier to do the math the other way. 2 are good, so now we're down to 23. 3, 4, 5, 6 are, get 3 dings out of 5, a potential 5. So now we're down to 17. 16 manufacturers get the forwarding. And you would think, and you can put this together yourself, the car that relies most on AI, Tesla. They are the only one that has ever failed on all five criteria put out by Mozilla. Now, yes, I guess you could say that's a little weighted, because Tesla is probably the only piece of technology they've ever tested that really contains, well, I guess not all five, because your A device in your home, your Google Home device, all of that stuff kind of has AI into it. Your Chromecast, your Fire TV, your Roku stick, All of those have A.I. built into them, so they've even, I guess, got better privacy controls than Tesla. Actually, I guess they say in the beginning of this, Tesla is the only one that ever got all five dings. And then you go into this next paragraph. I forgot this, that it was an AI chatbot that they tested earlier this year that did receive all five days. So Tesla is the only physical product. The other one was a piece of software. And then what set Tesla apart, they're calling is an untrustworthy AI, i.e. autopilot, which at the time of their writing, And their reporting has been involved in 17 deaths and 736 crashes and is the subject of multiple government investigations. As we know, I'm not a big fan of autopilot, especially since they don't use LIDAR and they use cameras. And I think Derek and I talked about might have been on the last episode that one of the biggest desires people want on their cars is self-cleaning backup cameras. So. you determine how good a camera is going to be when it's covered in mud. They said Nissan earned the second to last spot for collecting some of the creepiest categories. It includes your sexual activity, but not to be outdone, Kia also collects your sex life. And six car companies actually say they can collect generic information or generic characteristics. Kind of ironic that Nissan collects your sexual activity. But Renault, which is a partnership with Nissan, if I remember correctly, maybe things changed in the last 12 months. Um, that's one of those most secure. I can understand Kia doing it because wasn't it Kia or Hyundai that actually got sued for a woman becoming pregnant or something in the car, the car company's fault. Uh, that's Google something like that. I, we might've touched on it in the podcast. Just want to see off the. Oh, sexually transmitted disease. That was it. Somebody and I believe it was a Hyundai or a Kia had encounters with a person and contracted an STD and they sued the manufacturer because they got an STD in the car. It's kind of like suing the hotel. Not my job to judge. My job here today is to review this information. None of the brands use language that met Mozilla's privacy standard about sharing information with the government or law enforcement. Hyundai does go above and beyond in their privacy policy. It says they will comply with lawful requests, whether formal or informal. Serious red flag. All of the car brands on this list, except for Tesla, Renault, and Dacia, signed on to a list of consumer protection principles from the U.S. Automotive Industry Group, the Alliance for Automotive Innovation Incorporated. That list included great privacy principles and basically transparency, et cetera. And the number of car brands they claim follow those principles is zero. And they say, well, what can you do about it? Read your terms and services. I once heard about a podcast. All they did is they'd sit down at every episode and read you the terms and services of something. They would read you all that stuff you just click through when you activate your cell phone. They would read you everything, you know, you get because you subscribe to whatever streaming service. Really, really boring podcast, but really, really interesting. It no longer exists because it really was too boring. It was like sitting around doing a bunch of lawyers talk. And they say you can avoid using your like Apple CarPlay or Android Auto in your car. That'll help reduce some of the stuff that's transmitted from your phone to your car. But guess what? We also said a week ago on the show that's something everybody expects in their car because everybody wants in their car. Those things I want in my car. You know, like I always joke, I'm on Facebook, so I have no privacy. Kind of funny that Facebook must score higher than these 25 car mean. There are no choices about what data can be shared, what data can be kept confidential. Nobody shops their cars really based on which is the most secure, which is the most private. I don't think most people even consider this aspect of car ownership. Again, 25 out of 25 doing something that they shouldn't do. Again, Mozilla spent, they said, 600 hours researching this. I read this article and I've looked at a couple other things. They did say Tesla is like one of the better because you can opt out. You can opt out of Tesla collecting data on your car. Very nice thing of them to do. Very anti-Elon Musk, right? However, Tesla does warn you, if you do opt out, your car may cease to function. Hey, but your car's not collecting data. Their quote here is, this is from quote from Tesla's customer privacy note. However, if you no longer wish for us to collect vehicle data or any other data from your Tesla vehicle, please contact us to deactivate this connectivity. Please note certain advanced features such as over the air updates, remote services, interactivity with mobile applications, and in-car features such as location search, internet radio, voice commands, web browser functionality rely on such connectivity. If you choose to opt out of vehicle data collection with the exception of in-car data sharing preference, i.e. they are watching you on a camera and listening, We will not be able to notify you of issues applicable to your vehicle in real time. This may result in your vehicle suffering from reduced functionality, serious damage, or inoperability. You can keep it, keep everything private, except it might not work. And, you know, if I had a Tesla, I might really check off the in-car data sharing preferences reference back to Nissan earlier discussion episode. And then they go on to say that a few car companies they research take manipulating your consent by making you complicit in notifying your passengers of everything that your car is doing. The example they use is Nissan makes you promise to educate and inform all users and occupants of your vehicles about the services and system features and limitations outlined in their terms of service agreement concerning data collection, i.e. If you have somebody in your car that all of a sudden discusses latest drug deal and it comes out and the police get it and they arrest him, you can be held liable. That person can sue you if you didn't inform them that your car, that car was collecting data about them. It's your fault. It's not Nissan's fault now. It's your fault because Nissan has made you complicit in making sure those terms and services are spelled out everywhere. Kind of the irony I see is having a custom wrap done for your dashboard that has all the terms and services all written out so your passengers can read. There is a little bit you can do by, you know, writing obviously your government officials, contacting the Mozilla Foundation, You know, driving a, say, 1970 Charger, while not very practical, takes care of that issue, too. You might be able to go back to mid-90s, maybe even early 2000s. No promises. There's going to be a lot less data collected. anything in the last three or four years that has satellite radio, any sort of internet connectivity, any sort of internet connectivity through your phone, any phone interface that integrates into your dashboard so you have control over it, whether it be Apple CarPlay or just mirroring your screen to the dashboard. Just keep in mind, All of these are privacy, all of this stuff is something you should be aware of. There's really not much you can do about it unless you decide to move to New York City and take public transportation everywhere. You know, it's the world we used to, or I guess the world we live in. It was created for us. I remember back when I was in college, I used to joke, I would always drive a car older than 93 or 94 and 95 to 2000 because it was OBD1 and it collected a lot less data. There was a lot less information. You could actually work on it and fix things. And as I look at it right now, I see a 2015 and a 2020 model and so on. Obviously, that practicality did not come true. Even Derek, who's, like I said, absent, just hasn't got back from his trip to Old Car Festival, even drives a 2018 vehicle in addition to all of his 62 Falcon, his, oh, I want to say Peerless, but it's not Peerless. We all, you know, oh, you know, his 1919 Chevrolet, you know, You know, everything he's got in his garage. If you want to function in the world, you've got to drive a car. And I think the car companies know it simply tell you tough. Hey, at least I didn't talk politics and didn't talk unions and give you my opinions there. It's really interesting to look at it. I'll say it's the one thing I'll say about union, the union things is they want this wage increase because the profitability of the car companies is up 40 percent and they're making 30 percent less than they were or something adjusted for inflation. But they never adjust the inflation on the car company profit side. That's all I'm going to say. That's it. That's all we're going to do about the union and the strike. We'll see how it goes. That's it for no driving gloves. We should have Derek back on our next episode and you won't have to listen to me babble for 35 minutes. But again, worry about your car privacy. We might have some links in the description here. We talked about one and privacy with the number four cars privacy for cars dot com. you can get a very generic data report about your vehicle privacy. It'll let you know some of the stuff that's collected a little bit more. But we'll have links to this Mozilla article. Really advise you reading it and the privacy for cars, because ironically, a lot of this data stays on your car there unless it's required by law. The manufacturers will not delete your data from the vehicle that you trade in. or sell to you pass on to get your next vehicle. I want to say buyer beware, but technically just buyer be informed because you have no hate to depress you all. Maybe we'll have an upbeat episode when Derek gets back. He tells us about all the old cars he officiated, et cetera. I know he didn't live stream like we had hoped he would. He had a couple of. His wife and one of his children had COVID, so he was all alone on the trip with taking care of a kid. And that is that'll kind of distract you from live streaming and things. Children, with that, get off your ass and go burn some gas.
28:38 announcer This film is a part of the No Driving Gloves Network, produced and edited by Tom Vianney of Landing City Podcasts. It was worked by Gary Gungor. So until the next 8-bit.