How Does A Smart Car Collect Your Data?

Modern cars resemble smartphones on wheels, equipped with WiFi, CPUs, and Bluetooth, a stark contrast from their predecessors just two decades ago. Similar to GPS-enabled phones, smart cars track users’ locations and activities.

A 2019 Washington Post investigation revealed a 2017 Chevrolet Volt collecting detailed data, including the driver’s precise location, phone ID, and contact list, which was transmitted to General Motors.

While technology enhances safety and convenience, it transforms cars into extensive data collectors, leaving owners needing clarification on the information gathered.

With more than 1.2 billion vehicles globally, generating 1.8 terabytes of data annually, and the integration of additional sensors and cloud features, autonomous vehicles are projected to produce 4TB in 1.5 hours, with an estimated $750 billion worth of in-vehicle data by 2030.

This vast data pool presents lucrative opportunities for monetization but also poses a significant risk of cyberattacks due to vehicle connectivity, according to ExpressVPN.

What facts and figures does a smart car store?

Since the 1970s, cars have featured computers, but the proliferation of these systems and their expanding control over various functions is a recent development.

Gone are the days of manually cranking car windows; today, a simple button press activates numerous computer-powered features, reflecting the increasing integration of cars with internet-connected systems. McKinsey forecasts that 95% of new global vehicle sales by 2030 will be for smart cars, with even basic models deriving significant value from data.

The shift toward futuristic vehicles, sans traditional buttons, is evident as touch sensors and screens respond effortlessly to gestures or voice commands. While this heralds an era of convenience, the extensive array of microphones, cameras, and sensors in modern cars means every interaction leaves a digital footprint. This data, encompassing steering wheel movements and door unlocks, is typically stored by car manufacturers.

Beyond user-initiated actions, cars collect data autonomously, with sensors continually monitoring even when the vehicle is stationary. Vehicle data hubs, acting as industry data brokers, amass a wealth of information, including driver fatigue indicators such as head and eye positions and heart rates.

Furthermore, data is sourced from connected services like satellite radio and GPS track planners, as well as external devices like telematics devices and mobile phones. Car companies also engage in traditional data collection methods, tapping into data brokers, car dealerships, social media, government sources, and other channels to compile comprehensive profiles of users.

As cars evolve into increasingly connected entities, the wealth of data generated raises questions about privacy and security.

Just curious, what does my car know about me?

Smart vehicles transmit an extensive array of data, including personal details like name and address, location specifics such as precise GPS data, digital footprints like IP addresses, and even biometric data like facial and fingerprint recognition. This information extends to financial details, behavioral patterns, and more.

Car manufacturers, through external sources, delve into intimate details like sexual activity and genetic information, accessing photos and calendars if privacy settings permit. The scope of data collection is vast, raising privacy concerns.

Is my car selling me out to car manufacturers?

Maximizing profits in the automotive industry extends beyond product improvement. Data, a valuable commodity, is not only used to enhance product quality but can also be resold. Manufacturers adapt car features for increased revenue.

For instance, insurance companies purchase driving data to refine risk assessments and adjust premiums. By 2020, 62% of vehicles had this divisive function, predicted to reach 91% by 2025. Marketing firms leverage such data for targeted advertising.

Moreover, monetization tactics include subscription-based access to car functions and credit-financed vehicles with enforced lockdowns for payment defaults.

Final Thoughts

The automotive industry’s commitment to standardization remains to be determined. In August 2023, Kaspersky’s Automotive Threat Intelligence report raised cybersecurity concerns, emphasizing issues with infotainment systems and connectivity tech.

From July 2024, UNECE WP.29 mandates multi-layered cybersecurity solutions for automotive OEMs and their supply chains. Failure to comply could halt production. Addressing data secrecy, cross-producer communication, and IoT security necessitates collaboration among the industry, tech firms, and government bodies. Establishing a universal data privacy policy is crucial to safeguard rights and prevent cyber-attacks.