The automotive industry is undergoing a technological revolution, with modern vehicles equipped with a plethora of sensors and advanced computing capabilities. While these innovations have significantly enhanced the driving experience, they have also raised concerns about the collection and sharing of sensitive consumer data. From GPS locations to personal preferences, vehicles are increasingly becoming repositories of valuable data, prompting discussions about privacy, security, and regulatory oversight.
A critical concern pertains to the transparency surrounding data collection practices employed by automotive manufacturers and technology providers. As vehicles become more interconnected and autonomous, the scope and scale of data being captured have expanded, giving rise to questions about the extent to which consumers are informed about the data being collected and the purposes for which it is utilised.
Researchers from the United States assessed 25 motor vehicle brands to analyse the type of data being collected and its purpose. The data includes:
- speed
- steering, brake, and accelerator pedal use
- seat belt use
- infotainment settings
- phone contacts
- navigation destinations
- voice data
- location and surroundings, and
- footage of individuals outside of the car.
Despite generally being for legitimate purposes, such as vehicle diagnostics and performance optimisation, there exists collaboration between car manufacturers, software developers, and third-party service providers to facilitate the exchange of data for other means including personalised services, marketing, and other ulterior purposes. This interconnected ecosystem poses challenges regarding data ownership, consent, and the protection of consumer privacy, warranting a comprehensive regulatory framework that balances innovation with data protection imperatives.
Australia is presently unequipped to handle data collection by vehicles. There is little regulation detailing how our information can be used and by whom. The use of data collection should be considered in line with the recent privacy reform, particularly in the scope of “personal information” and “consent” being better defined to protect drivers from manipulative data-sharing practices.