New research reveals serious privacy flaws in the data practices of new internet-connected cars in Australia.
Modern cars are increasingly equipped with internet-enabled features, and your connected car might automatically detect an accident and call the emergency services.
A report published today analyzed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.
Connected cars are also sophisticated surveillance devices, and the data they collect can create a highly revealing picture of each driver.
Personal information collected by your car can be misused in various ways, from disclosing to insurers or data brokers without your consent to unjustified government surveillance or even national security risks.
Several major brands fail to recognize the full scope of personal information protected by the Privacy Act, making inaccurate claims that indicate the Privacy Act doesn't apply to certain information.
Most of the brands in the report can use the information collected from connected cars for undefined marketing or research purposes without requiring express consent.
To improve privacy protections in connected cars, privacy laws must be reformed to update definitions of personal information and consent, and a fair and reasonable test for data practices.
Customers should be able to easily find and understand the privacy terms of the cars they want to buy.
The data practices surrounding connected cars need immediate attention and guidance from the privacy regulator.