Car Makers Slammed Over Privacy Issues
Australia’s leading car manufacturers are facing criticism for their data collection practices, including tracking owners’ locations, recording conversations, and sharing personal information with third parties. Consumer advocates and privacy experts have expressed serious concerns about the extent of data gathered by modern vehicles.
However, car manufacturers defend these practices, arguing that the collection of some user data is necessary to provide services such as automatically contacting emergency services in the event of a crash.
Rafi Alam, senior campaigns and policy advisor at CHOICE, stated that the data collection practices of several top-selling car brands in Australia were “highly concerning.”
“We discovered that Kia, Hyundai and Tesla were the worst offenders when it came to protecting the privacy of their customers,” Alam said. “Kia and Hyundai both collect and share voice recognition data with third parties, along with other information.”
Research from the Mozilla Foundation in September 2023 also raised alarms, with the organization calling cars “the worst category of products for privacy that we have ever reviewed,” creating a “privacy nightmare” for consumers. The investigation covered 25 automotive brands.
One of the key justifications for data collection is to provide emergency services. For example, Hyundai’s Bluelink app and Kia Connect offer features such as automatic crash notification. These systems can alert emergency responders to an accident and provide location details.
Kia Australia’s spokesperson said that Kia Connect is an opt-in service, and customers must initiate the process. Users can deactivate the service through the vehicle’s infotainment system.
A Hyundai spokesperson confirmed that connected services are not mandatory and are intended to enhance vehicle safety. For instance the services allow the car to make an “SOS” call to send an ambulance to the scene of a crash.
“At Hyundai we take customer data protection very seriously, and implement robust measures to ensure safety and privacy,” the spokesperson said. “By leveraging advanced technologies and comprehensive security protocols, Hyundai safeguards customer data against unauthorized access and cyber threats.”
Data communicated to third parties includes vehicle speed and location—services necessary to provide live traffic updates. The many uses for personal information appear in the privacy statements and user agreements.
Associate professor Katharine Kemp, a law expert at the University of New South Wales, believes current Australian privacy laws needs updates.
“For example, Australian ‘consent’ standards for data uses are well behind those in jurisdictions such as the EU, and companies rely on quite fictional “consents” by consumers,” she explained. “We also need an updated definition of ‘personal information’ to make sure companies aren’t trying to get out of their privacy obligations for new kinds of data that can single us out as individuals.”
Rafi Alam echoed these sentiments: “Australia’s privacy laws are woefully out of date, and certainly not fit for purpose in a market where cars are collecting and sharing personal information en masse. At a minimum, the federal government should implement a fair-and-reasonable-use test, which would legally require businesses to collect and use data in line with consumer expectations.”
