Update May 14th: The FTC published a blog post putting connected car companies on notice for “unlawful collection & use” of consumers’ sensitive data.

  • They warned car-makers to “take note” of three actions they’ve taken recently against other companies for abusing their access to sensitive data by sharing it or using it for decision-making without consumers’ consent.

The Federal Trade Commission (FTC) is in charge of protecting US consumers from deceptive on unfair business practices. So if there’s any agency that can hold US car-makers accountable for their terrible privacy practices, it’s them! This is definitely a step in the right direction for cars and privacy.

If you haven't heard our shouts from the rooftops: cars stink at privacy. And now, US Senator Markey is asking that car companies answer to the United States Federal Trade Commission -- the government agency responsible for protecting consumers -- for their over-collecting, sharing, selling, and failure to protect your personal data.

In case you missed it:

  • After launch, our guide made headlines worldwide catching the attention of millions of unhappy consumers. More than 42,000 of you signed Mozilla’s petition asking car companies to stop their huge data collection programs. All that noise was heard by legislators in Europe and the United States.

  • In November 2023, US Senator Markey wrote a letter to the car companies behind the brands we researched (as well as Mazda) saying that the guide “revealed unfettered data collection and privacy intrusions across huge swaths of the automobile industry” and that these practices must end. In his letter, he asked tough questions about data collection, sharing, selling, security, and drivers’ privacy rights with a deadline to respond by December 21st, 2023.

That brings us to today, when two things happened: US Senator Markey and his team published all of the car companies’ responses to his questions. And based on those answers, he wrote another letter… this time to the F-T-C!

Senator Markey calls on the FTC to investigate cars and privacy

So remember those tough questions that Senator Markey asked car companies last year, like whether they’ve ever shared drivers’ personal data with law enforcement, how much money they make off selling your personal data, and whether they make any effort to get their customers’ consent -- and more? Well, we finally got to read the answers!

Senator Markey and his team published them here. Sadly, the “answers” are exactly the kind of evasive non-answers you would expect if you’re used to having your privacy questions ignored by big companies. (It’s OK, it barely hurts our feelings!) In Markey’s own words, they mostly “sidestepped [his] questions,” which is putting it nicely.

So that’s the bad news, that the car companies still won’t answer the questions we -- and Senator Markey -- want answered. We did get a chuckle, as we do, out of the creative ways companies responded. We’ll share those tidbits with you all for your reading pleasure later.

But for now, there’s good news! Because car companies’ responses gave the senator “little comfort” and “ignor[ed] the real privacy risks their data practices create,” he’s now urging the FTC to step in with a public letter to FTC Chairwoman Lina Khan.

This ambiguity and evasiveness calls out for the investigatory powers of the FTC. Given the serious risks to consumer privacy, I urge the Commission to use the full force of its authorities to investigate the automakers’ privacy practices and take all necessary enforcement actions to ensure that consumer privacy is protected. The auto industry cannot become yet another domain that tracks and targets consumers.

United States Senator Edward J. Markey in his letter to the FTC

The Senator and his team attached the car companies’ (non) responses to the letter and again cited our research as well as a follow up New York Times article from December as proof of the potential and real harms that car companies’ unchecked practices can have on consumers. This is a big deal! It’s the FTC’s job to protect American consumers’ rights. And when the FTC investigates and holds companies accountable for their bad behaviors, the whole world watches.

What’s next?

You can count on us to keep you in the loop about cars and privacy, including any moves by the FTC *fingers crossed*. We heard you and know how much you care. We also want to say a huge thank you for reading our research, talking about it, and for signing Mozilla’s petition. Look what we can do together! And we’re not done. With your help, we can raise the bar on privacy worldwide.

Jen Caltrider

Jen Caltrider

Als ich eher unorganisiert an meinem Master in Künstlicher Intelligenz arbeitete, wurde mir schnell klar, dass ich viel besser Geschichten erzählen kann, als Code zu schreiben. Diese Entdeckung bescherte mit eine Karriere als Journalistin, in der ich für CNN über die Tech-Branche berichtete. Ich wollte schon immer bewirken, dass die Welt nach mir ein etwas besserer Ort ist, als die, in der ich aufgewachsen bin. Deshalb habe ich Mozillas *Datenschutz nicht inbegriffen-Initiative ins Leben gerufen und geleitet – für besseren Datenschutz für alle.

Misha Rykov

Misha Rykov

Misha Rykov, ursprünglich aus Kiew und aktuell in Berlin ansässig, arbeitete für Big Tech und Sicherheits-Consulting, bevor er sich Mozillas Initiative für mehr Datenschutz anschloss. Misha begeistert sich für investigatives Storytelling und verabscheut unübersichtliche Datenschutzrichtlinien.

Zoë MacDonald

Zoë MacDonald

Zoë MacDonald ist eine Writerin und Digitalstrategin und lebt in Toronto, Kanada. Bevor ihre Leidenschaft für digitale Rechte sie zu Mozilla und *Datenschutz nicht inbegriffen führte, schrieb sie über Cybersicherheit und E-Commerce. Wenn Sie nicht gerade bei der Arbeit über Datenschutz abnerdet, beäugt sie zu Hause Smart-Geräte misstrauisch.

*Datenschutz nicht inbegriffen