Heard about a big breach over at Volkswagen?
Here's whats going on. Every major car company collects your driving data. And everything I've learned about this subject makes me want to go into the dash and start pulling wires out.
100% of car companies collect unnecessary data
84% share/sell it
92% provide insufficient control over data.
(Data: Mozilla Foundation investigation)
Most pour it into the shady data-broker ecosystem.
Where it goes to god-knows who. And represents a really exciting stream of surveillance data for governments and everybody else.
Most also turn it over to governments.
And insurance companies.
We got here because, in search of new revenue streams, these car mfrs turned to mining owners for movement data.
Their disrespect for your #privacy is a through-line, and is reflected in just how sloppy they can be about protecting it.
Unsecured AWS? Ugh. But this is just the tip of the iceberg.
This massive data exposure happens to be Volkswagen, but the story tracks for every major car company.
When companies do offer some sort of opt-out... your car might break. Or so they warn you.
We are still in earliest days of people investigating and pointing this out, but things are bound to get worse with electronic vehicles.
Reading list:
Mozilla Foundation's key investigation: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/
CSO Oline report on VW:
https://www.csoonline.com/article/3631055/volkswagen-massive-data-leak-caused-by-a-failure-to-secure-aws-credentials.html
Nissan breach report:
https://www.industryweek.com/technology-and-iiot/article/21258350/nissan-north-america-reports-consumer-data-breach
