Update May 14th: The FTC published a blog post putting connected car companies on notice for “unlawful collection & use” of consumers’ sensitive data.

  • They warned car-makers to “take note” of three actions they’ve taken recently against other companies for abusing their access to sensitive data by sharing it or using it for decision-making without consumers’ consent.

The Federal Trade Commission (FTC) is in charge of protecting US consumers from deceptive on unfair business practices. So if there’s any agency that can hold US car-makers accountable for their terrible privacy practices, it’s them! This is definitely a step in the right direction for cars and privacy.

If you haven't heard our shouts from the rooftops: cars stink at privacy. And now, US Senator Markey is asking that car companies answer to the United States Federal Trade Commission -- the government agency responsible for protecting consumers -- for their over-collecting, sharing, selling, and failure to protect your personal data.

In case you missed it:

  • After launch, our guide made headlines worldwide catching the attention of millions of unhappy consumers. More than 42,000 of you signed Mozilla’s petition asking car companies to stop their huge data collection programs. All that noise was heard by legislators in Europe and the United States.

  • In November 2023, US Senator Markey wrote a letter to the car companies behind the brands we researched (as well as Mazda) saying that the guide “revealed unfettered data collection and privacy intrusions across huge swaths of the automobile industry” and that these practices must end. In his letter, he asked tough questions about data collection, sharing, selling, security, and drivers’ privacy rights with a deadline to respond by December 21st, 2023.

That brings us to today, when two things happened: US Senator Markey and his team published all of the car companies’ responses to his questions. And based on those answers, he wrote another letter… this time to the F-T-C!

Senator Markey calls on the FTC to investigate cars and privacy

So remember those tough questions that Senator Markey asked car companies last year, like whether they’ve ever shared drivers’ personal data with law enforcement, how much money they make off selling your personal data, and whether they make any effort to get their customers’ consent -- and more? Well, we finally got to read the answers!

Senator Markey and his team published them here. Sadly, the “answers” are exactly the kind of evasive non-answers you would expect if you’re used to having your privacy questions ignored by big companies. (It’s OK, it barely hurts our feelings!) In Markey’s own words, they mostly “sidestepped [his] questions,” which is putting it nicely.

So that’s the bad news, that the car companies still won’t answer the questions we -- and Senator Markey -- want answered. We did get a chuckle, as we do, out of the creative ways companies responded. We’ll share those tidbits with you all for your reading pleasure later.

But for now, there’s good news! Because car companies’ responses gave the senator “little comfort” and “ignor[ed] the real privacy risks their data practices create,” he’s now urging the FTC to step in with a public letter to FTC Chairwoman Lina Khan.

This ambiguity and evasiveness calls out for the investigatory powers of the FTC. Given the serious risks to consumer privacy, I urge the Commission to use the full force of its authorities to investigate the automakers’ privacy practices and take all necessary enforcement actions to ensure that consumer privacy is protected. The auto industry cannot become yet another domain that tracks and targets consumers.

United States Senator Edward J. Markey in his letter to the FTC

The Senator and his team attached the car companies’ (non) responses to the letter and again cited our research as well as a follow up New York Times article from December as proof of the potential and real harms that car companies’ unchecked practices can have on consumers. This is a big deal! It’s the FTC’s job to protect American consumers’ rights. And when the FTC investigates and holds companies accountable for their bad behaviors, the whole world watches.

What’s next?

You can count on us to keep you in the loop about cars and privacy, including any moves by the FTC *fingers crossed*. We heard you and know how much you care. We also want to say a huge thank you for reading our research, talking about it, and for signing Mozilla’s petition. Look what we can do together! And we’re not done. With your help, we can raise the bar on privacy worldwide.

Jen Caltrider

Jen Caltrider

During a rather unplanned stint working on my Master’s degree in Artificial Intelligence, I quickly discovered I’m much better at telling stories than writing code. This discovery led to an interesting career as a journalist covering technology at CNN. My true passion in life has always been to leave the world a little better than I found it. Which is why I created and lead Mozilla's *Privacy Not Included work to fight for better privacy for us all.

Misha Rykov

Misha Rykov

Kyiv-native and Berlin-based, Misha worked in big tech and security consulting, before joining Mozilla's privacy effort. Misha loves investigative storytelling and hates messy privacy policies. Misha is an advocate for stronger and smarter privacy regulations, as well as for safer Internet.

Zoë MacDonald

Zoë MacDonald

Zoë is a writer and digital strategist based in Toronto, Canada. Before her passion for digital rights led her to Mozilla and *Privacy Not Included, she wrote about cybersecurity and e-commerce. When she’s not being a privacy nerd at work, she’s side-eyeing smart devices at home.

*Privacy Not Included