Outrage as some car brands reveal they can collect data on drivers’ ‘sexual activity’
Outrage as some car brands reveal they can collect data on drivers’ ‘sexual activity’
One car manufacturer’s US data collection policy has been dubbed “mind boggling, creepy, scary, sad, and messed up”.
Ariel Zilber – New York Post
Your car may be keeping tabs on your “sex drive”.
Car makers Nissan and Kia can collect data on their drivers’ “sexual activity” and “sex lives” — and may sell the info to third-party advertisers, according to a shocking study by an internet privacy watchdog, the New York Post reports.
The creepy collection of personal information by the two auto companies earned them failing grades from Mozilla Foundation, maker of the Firefox web browser, which ran privacy checks on 25 car brands.
The foundation said most car companies can comb through a variety of sources to glean personal information about drivers after they pair their smartphones with a vehicle’s connected services.
“This invasive harvesting of information is collected via a web of sensors, microphones, cameras and the phones, apps, and connected services you use in your vehicle,” according to Mozilla Foundation.
The car firms can then take that data and sell it to or share it with vendors, insurance companies and others, according to the watchdog.
“There’s a lot of ambiguity around how car companies collect these data points, and that is the problem,” Kevin Zawacki, a spokesperson for Mozilla Foundation, told The Post.
“It’s nearly impossible for consumers to really know how all their data is collected.”
Mr Zawacki said that Mozilla Foundation reached out to Nissan for specifics on how it collects data. Nissan didn’t respond, according to Mr Zawacki.
Of the 25 car brands that were reviewed, Nissan’s US privacy policy “is probably the most mind boggling, creepy, scary, sad, messed up privacy policy we have ever read,” according to Mozilla Foundation.
“Here’s why: They come right out and say they can collect and share your sexual activity, health diagnosis data, and genetic information and other sensitive personal information for targeted marketing purposes,” the foundation wrote.
On Nissan’s official web page outlining its privacy policy, the Japan-based company said that it collects drivers’ “sensitive personal information, including driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information.”
The company said that its “sources for collection” include “direct contact with users and Nissan employees”.
Mr Zawacki told The Post that data collection via “direct contact with users and Nissan employees” just “raises more questions than answers.”
Nissan said that the goal of the data collection is “to provide connected vehicle services that might utilise or rely on geolocation data, facilitate more targeted marketing, as well as for internal reporting and analytics purposes, and for other purposes in the ordinary course of employment or the provision of other services according to the terms that govern those programs”.
The Post has sought comment from Nissan.
Kia, the Korean auto giant, also acknowledged on its website that it collects “sensitive personal information” such as “racial or ethnic origin”, “religious or philosophical beliefs”, “health, sex life or sexual orientation information” and “genetic data”.
In a statement to The Post, a Kia spokesperson said: “While we may collect certain types of personal information, including ‘sensitive personal information’ as defined by the California Consumer Privacy Act of 2018 (the “CCPA”), not all types of personal or sensitive personal information are collected by us — as stated in our privacy policy.”
“Whether certain information is collected by us depends on the context in which a consumer interacts with us,” the Kia spokesperson said.
“To clarify, Kia does not and has never collected ‘sex life or sexual orientation’ information from vehicles or consumers in the context of providing the Kia Connect Services.”
Mozilla Foundation also flagged other car companies such as Chrysler, Chevrolet, Toyota, Audi, Jeep, and Honda for “brazenly collecting deeply personal information from the moment they get into a car.”
A spokesperson for Chrysler’s parent company, Stellantis, told The Post: “Multiple claims in this [Mozilla Foundation] document are incorrect as they relate to Stellantis brands.”
“We carefully and diligently consider data privacy and act accordingly,” the spokesperson said.
“Customers with questions may call our customer care centre.”
Mozilla Foundation accused Chrysler of collecting user data including “immigration status, race, facial expression, genetic information using biometrics.”
“That is a false statement,” the Stellantis spokesperson told The Post.
A spokesperson for General Motors said the company “takes data privacy very seriously and [is] committed to safeguarding personal information”.
“For every General Motors vehicle, before any connected vehicle services are activated and before any data is ever collected, the vehicle owner must accept the OnStar Terms & Conditions and Privacy Statement. These detail our data practices and are available online for consumers to review before they even walk into a dealership.”
The Post has sought comment from the automakers dinged by Mozilla.
This article was originally published by the New York Post and reproduced with permission