Auto Makers Are Selling Data On Your Driving Habits To Your Insurer Without Properly Informing You
Last September, Mozilla came out with a privacy study indicating that the auto industry was the worst tech industry the organization tracked. Mozilla found that not only does the industry hoover up a ton of data from your use of vehicles, it collects and monetizes most of the data on your phone. Often without transparency or adequate safeguards:
All 25 car brands we researched earned our *Privacy Not Included warning label - making cars the official worst category of products for privacy that we have ever reviewed.
Fast forward to this week, and the New York Times' Kashmir Hill has a new story exploring how the auto industry is also collecting reams of personal driving data, then sharing it with your insurance company. More specifically, automakers are selling access to the data to Lexis Nexis, which is then crafting risk scores" insurance companies then use to adjust rates. Usually upward.
If consumer approval is even obtained, it's obtained via fine print buried deep in user agreements either in automakers' car apps or road-side assistant apps:
Automakers and data brokers that have partnered to collect detailed driving data from millions of Americans say they have drivers' permission to do so. But the existence of these partnerships is nearly invisible to drivers, whose consent is obtained in fine print and murky privacy policies that few read."
Even law professors, who are surely used to reckless treatment of consumer data at this point, were somehow surprised at the cavalier behavior by the auto industry:
I am surprised," said Frank Pasquale, a law professor at Cornell University. Because it's not within the reasonable expectation of the average consumer, it should certainly be an industry practice to prominently disclose that is happening."
This is the same auto industry that has been fighting tooth and nail against right to repair" reforms - in a bid to protect their lucrative repair monopolies - often under the pretense that they're just that concerned about the consumer privacy ramifications.
Please notice that the absolute bare minimum that the auto industry could be doing here is making this tracking and monetization of your data transparent, and they're not even doing that. Because they know Congress and U.S. federal regulators, lobbied into apathy over decades, are too corrupt to take meaningful action. At least not at any real, consistent scale.
Again, like countless past scandals, this is the direct byproduct of a country that has proven too corrupt to pass even a baseline privacy law for the internet era. Too corrupt to regulate data brokers. And obsessed with steadily defanging, defunding, under-staffing and curtailing the authority of regulators tasked with overseeing corporations with a broad and reckless disdain for U.S. consumer privacy and safety.
Senator Edward Markey of Massachusetts hasurgedthe Federal Trade Commission to investigate. And California regulators are purportedly investigating automaker privacy standards. But a grotesquely corrupt Congress means federal inquiries will likely go nowhere (also keep in mind looming Supreme Court rulings are poised to erode federal regulatory authority further). And any inquiries that do materialize will feature fines that are miniscule compared to the money made from the abuses.
The data-hoovering surveillance economy we've created is so lucrative, all the financial incentives point in the wrong directions. And the only thing likely to shake U.S. politicians out of their corrupt stupor is a scandal so extreme - potentially involving mass fatalities or the leaked data of the rich and powerful - that the problem is no longer easy to ignore. And even then, we'll still probably try.