Rafi Alam from CHOICE told The World Today: “When we looked at Toyota’s privacy policy, we found that these Connected Services features will collect data such as fuel levels, odometer readings, vehicle location and driving data, as well as personal information like phone numbers and email addresses.”
The program’s policy document says Toyota collects data for various purposes if drivers don’t opt out — including for safety, security, research, product development and data analysis — but the company may also share it with third parties such as finance and insurance companies, debt collection agencies and market research organisations.
In 2023, the Mozilla Foundation reviewed the privacy standards of 25 major car brands, including Toyota. All 25 received failing marks for consumer privacy.
The report found brands such as BMW, Ford, Toyota, Tesla, Kia, and Subaru could “collect deeply personal data such as sexual activity, immigration status, race, facial expressions, weight, health and genetic information, and where you drive”, which they could potentially sell to third parties.
Nissan was accused of being “the very worst offender”, while Toyota was found to have “a near-incomprehensible galaxy of 12 privacy policy documents”.
Can you trust them with everything about what you do in the car, what you say in the car, who’s in the car, where it goes, your connections to every other online data service?
QuadratureSurfer@lemmy.world 4 months ago
Not just phone numbers and email addresses, but a recent ruling by a federal judge allows them to record and collect text messages without worry:
theverge.com/…/automakers-collect-record-text-mes…
ForestOrca@kbin.social 4 months ago
Wouldn't end-to-end encryption with, for instance, Signal sidestep some of this data collection? Specifically related to text, telephony, video conferencing? Could one use a masked email to put a layer between oneself and one's car/ car company?
I'm just 'brainstorming' as this is a big issue, and I"m sure there are folks that have done deeper study and thinking on these impacts on our privacy. What about using a VPN?
Rentlar@lemmy.ca 4 months ago
Government agencies have already been permitted to read notifications, so if it is readable and recordable by the car in any form, then you bet your ass law enforcement can obtain access to it.
extant@lemmy.world 4 months ago
A lot of it has to do with things like Android Auto or Apple car play where the software needs access to your text message to read it to you and may need to send it to a more powerful cloud base system to translate your voice to text or the response from text into voice. These are legitimate reasons for using that data despite the taboo nature of how we view privacy and there are workarounds and technological breakthroughs that make it so those things can be done locally without sending it for processing but there’s pros and cons for technical reasons not to. That said does a system need to read every text message on your phone just to read out a text you’ve only just received absolutely not and this is where things get into the grey area.
The problem is that if you want that car you have to agree to these data policies that are very blatantly just trying to to take all of the data they can to monetize either directly from selling or trading or indirectly like improving services. What we need are strong laws in place to protect privacy but that’s an uphill battle when politicians are beholden to capitalism.
So to go back and actually answer your original question, yes, encryption is our only means or privacy assuming in this case signal encrypts data at rest.
kusivittula@sopuli.xyz 4 months ago
what if you just don’t connect your phone to the car?
QuadratureSurfer@lemmy.world 4 months ago
Then they won’t get your messages are any other information specific to your device.
But cars don’t need that connection to phone home with all of the data that the car itself is picking up on. Cars today all have some sort of cheap connection so that they can pass on your data one way or another.
bitwolf@lemmy.one 4 months ago
Connect your phone but don’t grant the Bluetooth connection rights to your contacts and call logs.