New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.

Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.

But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.

A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.

87 points
*

It’s also why repair costs an arm and a leg.

It used to be a bumper was just filled with foam, so getting in a fender bender was a pretty cheap fix.

Now a bumper has upwards of $5000 in technology and sensors sitting in it, and a fender bender can often make the car considered “totaled” because the cost to repair is now more than the total resale value of the car.

Get a bike, ride a bus, fuck surveillance capitalism.

permalink
report
reply
23 points

Opting out still seems like they’re pinkie promising they won’t spy on you. There’s no guarantee they’re not using all those sensors on your car to keep tabs on you. The only thing they can’t do is sell your data without getting caught. Are there any guides to install a faraday cage on the telemetry antenna? I miss having dumb cheap vehicles.

permalink
report
parent
reply
5 points

From a cursory examination, it looks like there are at least some models where you can disconnect the antenna, for which you may get a warning you can just ignore. Seems a lot easier than a faraday cage. But a lot worse than a car not outfitted with that kind of tech.

permalink
report
parent
reply
9 points
*

I have never seen an opt-out work as it should. Operating systems just re-enable everything through system updates. Apps do it through app updates. A lot of updates seem like they’re for nothing other than getting you to agree to a new more intrusive ToS. For websites, spam lists, and that sort of shit, they just create a new mailer program and opt you into that. Sure, they’re not sending you the one you opted out of, but there are 500 more on the back burner. Some of the worst offenders will have dozens or even hundreds of different lists and force you to opt out of each one individually. Then of course there are the spammers who just don’t even capture the opt out. Or put the opt out behind a login that you don’t even have. Or serve the opt out page through an ad-click network which is blocked by your filter list, firewall, ad blocker, or DNS. There are a hundred ways they circumvent the laws and legislators are doing nothing to stop them.

permalink
report
parent
reply
5 points
*

I think the best course of action is to find an cut the antenna or it’s trace on the board (and verify). Sounds a lot easier than it is though.

edit: or also pull the modem fuse, if it has one

permalink
report
parent
reply
3 points

I just pulled the fuse for my vehicles modem once Mozilla released their report earlier this year or last year.

permalink
report
parent
reply
39 points
*

Best part is it’s $5000 because they get to name their price. These sensors, headlights, etc, cost nowhere near that, but where else are you gonna go get em?

So in a few years when your new car has depreciated to somewhere around 10k and you get a massive repair bill? Well most people are scrapping it and getting another car, convenient for them…

permalink
report
parent
reply
11 points

The surveillance is mostly done on the inside of the car, not the outside. Parking sensors don’t really provide useful data for them to harvest, but that is why they cost so much to replace. If you don’t care about parking sensors you can just replace your bumper without them, the car doesn’t really care after you tell it “you didn’t ship with parking sensors”.

permalink
report
parent
reply
4 points

YES

permalink
report
parent
reply
21 points

First thing I did when buying my '21 Toyota was remove the fuse giving power to the cellular modem. Is it still recording my data? Of course, but that’s only a worry if I go to their dealership for service. If I ever need to actually do that (recalls for example) I’ll remove the DCM module from the vehicle before bringing it in. There’s a very good local shop near me that I’ll bring it to for normal maintenance before letting Toyota plug in to the car and download my data.

Some vehicles this may not be possible, so if this concerns you, check forums about your vehicle if it is a moving spy machine before trying this because you might end up causing the vehicle to be put in limp mode because of some BS design choices.

permalink
report
reply
6 points

Which fuse? And links to a guide?

permalink
report
parent
reply
3 points

Pretty simple, there’s a fuse in the fuse box under the dash labeled DCM, just remove it. It’s extremely simple and takes 3 minutes. The DCM has an 18650 backup battery so it’ll stay powered for a short time but should die in a day or two and stop transmitting.

permalink
report
parent
reply
4 points

I’ll remove the DCM module from the vehicle before bringing it in.

Why don’t you remove it right now then?

permalink
report
parent
reply
5 points

Haven’t had the time to tear the dash apart. It’s located below the infotainment screen. It’s not transmitting so no need for immediate action.

permalink
report
parent
reply
2 points

I am consistently disappointed to see the top posts say to not buy a car whenever news like this comes out.

Your post at least provides an alternative.

permalink
report
parent
reply
14 points

Toyota at least has an opt-out website. (Or at least in the US they do). You lose the ability to do stuff like remote start from your phone though. And emergency roadside service, blah blah blah. I turned off all the mapping saved route stuff immediately that let you see your previous trip average miles/KW and then turned off everything once they wanted me to pay a monthly fee for remote start and such.

permalink
report
reply
4 points

What’s ridiculous is they made remote start only available from the app instead of a keyfob

permalink
report
parent
reply
12 points

Theres still an LTE modem in your car sending data somewhere

permalink
report
parent
reply
5 points

So if I were to take one of them cars and drive out to the middle of nowhere in the desert where there’s no cell service, what’s it gonna do? Shut off once it’s roaming? Not start back up and strand me in 115° heat? I just want to be prepared for my lawsuit that’s all

permalink
report
parent
reply
17 points

It’ll just cache telemetry locally then send it in when you reconnect to the network

permalink
report
parent
reply
5 points

I seriously doubt they’re not capturing the information just because you told them not to. They’re just going to treat it differently. But have no delusions that they’re respecting your wishes as you think they should.

permalink
report
parent
reply
1 point

https://privacy.toyota.com/#/landing

They appear to be doing so for all states, not just Cali where they have a legal obligation to. Do you have any proof to the contrary or is this just your feeling about it? Because at this point, given the class action lawsuit they would face from Californians, I suspect they are actually following it to the best of their ability.

permalink
report
parent
reply
25 points
*

That’s why I’ll take bus, train, rideshare, carshare, plane with all the cameras and tracking over buying a new personal vehicle. Modern cars can build a personal digital profile of you, they know where you travel, they track your plate, and we found out they track your driving behaviour to screw with your insurance rates.

permalink
report
reply
14 points

Also consider getting an ebike, if possible.

permalink
report
parent
reply
7 points
*

In fact, I have one! And for its size (20-inch wheels and foldable) it can fit a lot!

E-bike

permalink
report
parent
reply
2 points

Nice, that looks legit.

permalink
report
parent
reply
39 points

A few years ago, when I cared little about my privacy, I would fancy buying a new car. Thanks to privacy concerns, I became proud to have my old car, which also happens to be highly repairable.

permalink
report
reply
13 points

Yep, I have my 2004 landcruiser. I will never get rid of this car

permalink
report
parent
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 5.5K

    Monthly active users

  • 1.8K

    Posts

  • 27K

    Comments