We all know how much data our smartphones collect. The apps alone are data collection machines, and so is the search engine you use. Tap or click here to see which apps grab the most personal data from you.
Other smart devices similarly handle data collection. That smart speaker you’re using to control your robovac and smart thermostat is a culprit, and so is that smartwatch you’re wearing. If the device uses apps or “smart” features, it collects data.
Most people don’t realize that other devices you use are probably tracking your data and behavior, too. Researchers recently looked into how much data your car tracks on you, and what they came up with is pretty shocking. It turns out your car tracks a ton of data — some of which can be accessed by criminals. Here’s what you need to know.
The data your car is tracking
Because most of us are hyper-focused on what data is collected by our smart devices, we overlook the other potential problem areas right in front of us. One potential trouble spot is our vehicles.
NBC News recently investigated what data is collected by vehicles and how it can be used. What they found was pretty surprising. It turns out your car is likely collecting all kinds of data without you knowing it — and the newer your car is, the more data it likely collects.
Even more concerning? This data can be accessed not only by police but also by criminals. According to the report, police have been relying on digital vehicle forensics at an increased rate. This type of forensics focuses on extracting data stored in vehicles’ onboard computers.
There is a wide variety of information stored within these computers. Some vehicle software can read the unique IDs of Bluetooth and Wi-Fi devices, call logs, contacts, text messages, or even when doors were open and the locations you were in — and when you were there.
This information also includes data on speed and acceleration. It can reveal when texts and calls were made while the cellphone was plugged into the infotainment system, along with voice commands and web histories.
When accessed, this information can help police solve crimes, as it did in the case of Ronald French, who was murdered in Michigan in 2017.
In that case, Joshua Wessel, who’s since been charged with the murder, was caught because of a voice recording found in the victim’s truck from the time of the murder. The report also notes that some companies are building big business out of extracting this type of data for police — and it’s perfectly legal.
If that isn’t scary enough, the treasure trove of data stored in an automobile’s onboard computer is also valuable to certain types of criminals. A report notes the example of an Australian man who used an app to access live data from his ex-girlfriend’s Land Rover.
By accessing this information, the man was able to get real-time information on the car. He could also control it remotely, turning it on and off and rolling down the windows from a remote location.
The potential repercussions
While solving crimes is one positive way of using this data, there are concerns about these practices — and rightfully so. When it comes to data collection, privacy issues are rampant, and you don’t want any device — your car included — to offer up a cache of information on your actions.
Let’s say you sell your car to a dealership, but that information isn’t wiped clean before it’s resold on the lot. That alone could give someone else information on you, the former owner — including your address, contact information or anything else that’s stored in your car’s onboard computer.
If you rent a car and sync your phone, you’re opening yourself up to the same issues. Most of us don’t think twice about doing something like that, though. It makes it easier to navigate and make calls while in the car, so it’s a common move to make.
No federal laws dictate what automakers can collect or do with the vast majority of our driving data, either. The Driver Privacy Act of 2015 regulates a vehicle’s event data recorder, which contains information from immediately before, during and after a crash occurs. However, when it comes to the information collected by the infotainment system or other onboard computers, there are no rules.
You also don’t want to leave yourself open to being tracked or stalked by criminals or other ne’er do well parties. That’s a scary thought to process — but it clearly happens. If anyone gets access to the data stored by your car, it could lead to several different issues — including identity theft.
It’s not that difficult for someone to access the information stored in your car’s onboard computer, either. The privacy and security measures are much weaker when compared to your smartphone or computer — which means the information is much easier to access by third parties.
How to protect yourself and your data
One of the easiest things you can do to protect your personal information is to prevent your smartphone from syncing with your car’s infotainment system. By doing this, you’re removing the connection to the data in your phone. You’ll be protecting your texts, call logs, social media accounts, images, videos and the other information stored in your phone.
Be sure to remove data if you’re using a rental car. If you sync your phone or use Bluetooth to make calls or navigate a new city, clear out the information before returning the car. This blocks the car rental employees and other customers from gaining access to your personal information.
When you sell your car, take time to reset the garage door opener that’s programmed into your car, too. If you leave it programmed, you’re essentially giving the new owner a key to your home.
If you’re using your car’s navigation system, try using cross streets instead of firm addresses to get where you’re going. You don’t want to accidentally leave your home address or other information accessible to criminals, and cross streets or landmarks will help eliminate the risks of that.
You should also always turn off the Bluetooth and Wi-Fi in your car when you’re not using it. Hackers can target your car if you leave these on 24/7 — and it isn’t worth the risk.