Your car is smarter than you think.
And it is not a violation of privacy for your car to automatically store text and call data from your cell phone, following a ruling from the U.S. Court of Appeals for the 9th Circuit.
Modern convenience often comes with a price of sacrificed privacy, but in this case, the plaintiffs claimed they were unaware of what they were signing away when they connected their smartphones to their cars.
A class-action lawsuit brought against the car manufacturers Ford, General Motors, Honda, Toyota and Volkswagen asserted that under the Washington State Privacy Act, drivers’ privacy had been violated due to the fact that “the vehicle’s system downloads all text messages and call logs from Plaintiffs’ cellphones as soon as they are connected.”
“If text messages or call logs are deleted from a cellphone, the vehicle nevertheless retains the communications on the vehicle’s on-board memory, even after the cellphone is disconnected. Vehicle owners cannot access or delete their personal information once it has been stored,” the court said of the plaintiffs’ complaint.
In its defense, Ford argued that drivers of their vehicles had given “implied consent” for the storage of personal data, adding that it provides for a “factory reset” procedure on its website to wipe the memory board of all stored data.
Ford was also able to prove that it did not have access to, nor could it store, any text or call data from customers’ vehicles.
The privacy concern from the plaintiffs, therefore, came down to the risk of the third-party data retrieval company, Berla.
Berla produces hardware and software, marketed to law enforcement clients, that can extract stored phone data from connected vehicles.
Will you be more careful about texting in your car?
On its own website, Berla claimed that by using its data retrieval products, “having access to a suspect’s connected vehicle is the next best thing behind having the actual phone itself.”
The 9th Circuit found in favor of Ford, and subsequently the other car manufacturers, because the plaintiffs had failed to prove an actual injury for the alleged breach of privacy — which is required under law to receive damages.
While Berla’s products might provide a whole new avenue of evidence collection by law enforcement, police must still go through the due process procedures of receiving a court order to obtain such data.
Despite the lawsuit finding in favor of the car manufacturers, consumer advocates are still very concerned with a wide array of privacy pitfalls with vehicle technology.
A September report by Mozilla News’ *Privacy Not Included team called modern cars the “worst product category we have ever reviewed for privacy.”
The team researched 25 car brands and concluded, “Every car brand we looked at collects more personal data than necessary and uses that information for a reason other than to operate your vehicle and manage their relationship with you.
“They can collect super intimate information about you — from your medical information, your genetic information, to your ‘sex life’ (seriously), to how fast you drive, where you drive, and what songs you play in your car — in huge quantities. They then use it to invent more data about you through ‘inferences’ about things like your intelligence, abilities, and interests.”
Even more alarming, they discovered that 84 percent of the car brands they reviewed share or sell that data, according to the report.