Lincoln

Warning: *Privacy Not Included with this product

Review date: Aug. 15, 2023

People voted: Super creepy

Lincoln -- named after the US president who ended slavery, Abraham Lincoln -- is the luxury car brand of US car maker Ford. Founded back in 1917, the company was renowned for its 1970s Lincoln Continental, a giant boat of a car with doors that weighed as much as modern small cars probably weigh now (seriously, does anyone remember being a kid and trying to open the door on a Lincoln Continental?). Lincoln models today include the Navigator, Aviator, Nautilus, and Corsair. Lincoln owners can connect to their car through the Lincoln Way app and do things like remotely lock, unlock, and start their cars, create virtual valet keys, and check things like tire pressure and maintenance schedules. So, how does Lincoln do at protecting your privacy? Well, they share their privacy policies with parent company Ford, and both car brands are pretty dang bad at privacy.

What could happen if something goes wrong?

Starting way back in 1903, Ford has a very long history of building cars and getting people in them. Sometimes that history has been less than perfect (remember the Ford Pinto?). So when we hopped into Ford/Lincoln's land of privacy policies and read their statement that, "Ford Motor Company is committed to be a trusted steward of the personal information you provide to us," well, we were a bit skeptical. Remember, this is the same company that changed their slogan to "Quality is Job #1" after opting not to fix the problems in those Pintos we just mentioned, problems that ended up killing people.

And based on a read of Ford/Lincoln's Privacy Notice, their Connected Vehicle Privacy Notice, their California Privacy Disclosures (probably the best place to read privacy information, regardless of where you live), their Lincoln Way app Privacy Policy, and other privacy and security documentation we reviewed, it seems we were correct to be skeptical. Ford does not appear to us to be so great at respecting and protecting their users' personal information and car data.

Let's start with the massive amount of personal information, vehicle and driving information, location information, inferences about you, and other data they say they can collect on you in their privacy policies. Of course they collect things like your name, email, and phone number. That's to be expected. They also collect things like your age, gender, ethnicity, driver's license number, your purchase history and tendencies, who your mobile network provider is, lots of location data on your vehicle and your mobile device, voice commands and "other utterances captured when the vehicle’s voice recognition system is in “active listen” state", and more. They use all this to create inferences about you to guess more about your "likely preferences and other characteristics." Yuck.

But that's just the data they say they can collect on you. Then there is the data they say they can collect on your car (if you have a car with connected services or technology, of course). This vehicle data can include all manner of things, like your tire pressure, odometer reading, fuel level, your vehicle's precise location, what traffic signs you've passed, whether the roads are wet, what the weather is, vehicle driving data like speed, seat belt usage, braking, steering, how many passengers, voice commands and other "utterances", "Information about what is listened to in the vehicle (such as radio presets, volume, channels, media sources, title, artist, and genre)," and what vehicle features you use. Remember, all this connected vehicle data can be associated with your car's VIN (Vehicle Identification Number, a unique ID), and that VIN can pretty easily be associated with you, as well as being something fairly easy for bad actors to find out.

Ford/Lincoln knows so much about you...and your passengers. Oh yeah, on that passengers note. There's this line in Ford/Lincoln's privacy notice you're expected to follow: "you must inform others who drive the vehicle, and passengers who connect their mobile devices to the vehicle, about the information in this Notice, including the Connected Vehicle Privacy section..." So yeah, make sure you tell all your friends and family all the details on this before they connect their phone to your car to play that cool new playlist they put together for your road trip to Las Vegas! Don't worry, when they give you grief about being a total privacy nerd, tell them privacy nerds rock! (We should know ;-).

And then let's look at the many, many places they say they can share, and perhaps even sell, the information they collect on you. First there's the vast "Ford Motor Company family of companies and affiliates". Ford Motor Company is a huge global corporation, so that is potentially a lot of places it can share your data. They also say they can share your personal information with dealers (there are lots of those around for sure), social media platforms, advertising companies, joint marketing partners, SIRIUS XM radio service, law enforcement, regulatory agencies, and other government agencies. So yeah, once Ford has your personal information, it's going to be shared all over the place. Now is a good time to remind folks that every time your information is shared, you have to trust that new place to do a good job securing, protecting, and respecting it. Good luck with that.

So, Ford/Lincoln collects a ton of information from you, from your car, from your mobile device if you install the LincolnPass app, from the connected services you use while in your car, and from other sources like public information, business partners, and data brokers/data analytics firms. Ugh. What does Ford/Lincoln say they can then do with all this personal and vehicle information? Well, a huge one is trying to sell you stuff. Advertising, marketing, joint marketing, promotions, all feature heavily in Ford's privacy policies. So count on seeing ads for locations you visit in your car, from your local car dealers, from SIRIUS XM, and from tons and tons of other sources based on where you drive, how you drive, what features of your car you use, what radio stations you listen to, and so much more. Have we mentioned yet that cars are a privacy nightmare? Ford/Lincoln included.

Oh, one other lovely thing Ford/Lincoln says they can do. They say that in some circumstances they can collect your vehicle location, whether you give them permission to or not. That link in their privacy policy reads in part, "In limited situations, we may collect Vehicle Location, regardless of location settings. We do this to protect and defend our rights or property (including repossessing a vehicle in the event of a delinquency) or to comply with applicable law, to respond to valid legal process (including from law enforcement or other government agencies), or, in the event of exigent circumstances, to help prevent the loss of life or serious injury or help protect the personal safety of Ford personnel, users of our vehicles, websites, or apps, our visitors, or the public." That section of the privacy policy goes on to list a variety of other circumstances. This frightens us for a couple of reasons. One, even people delinquent on their bills due to any number of circumstances should have a basic right to privacy. And two, the potential for abuse of this is huge and quite frightening. Governments and law enforcement have been known to abuse their power, and who gets to determine "exigent circumstances"? All in all, as privacy advocates, this leaves us quite worried.

We also have some concerns about Ford/Lincoln's track record at protecting all this personal information and car data they collect on people. They've had a few public security incidents over the past few years that leave us worried. Those include a 2020 report by consumer watchdog Which? in which cybersecurity researchers found concerning security vulnerabilities in a popular Ford model as well as concerns about the FordPass app data collection. When Which? reached out to Ford/Lincoln to discuss their findings with them, they reported, "Ford declined to receive Which?’s technical report. Which? believes this shows a worrying disregard for possible issues relating to its customers’ security and safety." There have also been other security concerns found by security researchers, including white hat hackers letting Ford know customer records and other sensitive information was vulnerable to exposure in 2021 (Ford reportedly fixed the bug before any major data leaks), and a group of security researchers looking into security vulnerabilities in cars announced Ford was included when they found a number of vulnerabilities in various car brands in 2023. The good news is, Ford/Lincoln seems to have addressed these publicly known security vulnerabilities, as best we can tell. The bad news is, much like Which?, when we reached out to Ford/Lincoln to ask them our list of privacy and security related questions as part of our research (we do this for every company we research), they declined to provide answers to any of our questions, making it harder for us to help consumers understand how Ford/Lincoln works to protect and respect their privacy.

Henry Ford is quoted as once saying, “Don't find fault, find a remedy: anyone can complain.” So we'll end our story here with just that, a remedy rather than a complaint. Ford/Lincoln, here are some suggestions for ways to remedy your terrible privacy practices: Collect much less data on people. Don't sell the personal information of your customers. Give your consumers the right to delete all their data, no matter where they live. Instead of opting people into the huge amounts of data collection you do by default, opt them out at first and let them decide if they want you to collect all this personal information on them, their cars, their whereabouts, how fast they drive, what they listen to, what their preferences are, and more. Shoot, we'd just ask you to follow your stated Ford Motor Company values to "Put People First" and "Do the Right Thing." Or even better, follow the privacy principles you signed on to follow when you signed onto the automotive industry's own Consumer Privacy Protection Principles. Because right now, we have to say, it doesn't look like you are putting people first or doing the right thing when it comes to protecting and respecting the privacy of the people who drive your cars. Unfortunately, we have to warn that modern Ford/Lincoln vehicles and the LincolnPass app come with *privacy not included.

Tips to protect yourself

  • Read your vehicle owner’s manual and familiarize yourself with how the vehicle you are driving (or riding in) is equipped, for example vehicle connectivity options and data sharing settings.
  • Read this Connected Vehicle Privacy section so you are aware of what Connected Vehicle Information may be collected and how it is used.
  • Inform passengers and other drivers of the vehicle that Connected Vehicle Information is being collected and used by us and our vendors.
  • Prior to selling or transferring ownership of the vehicle, complete a MASTER RESET (see below) to remove imported personal data like contact lists, names of paired devices and/or connected networks to return the vehicle to the default factory settings and:
    a. For vehicles with modems: this will also disassociate any FordPass/Lincoln Way account(s) connected to the vehicle and stop any account-related data sharing
    b. For vehicles with a Connectivity Device: you must remove the VIN from your FordPass/Lincoln Way account(s) to disassociate the vehicle from the account and stop any account-related data sharing
    Note: Account-related data sharing will continue unless (a) or (b) is performed. Please contact us if you have any questions.
  • If you purchase or lease a pre-owned Ford or Lincoln vehicle, please check here for Ford vehicles, and here for Lincoln vehicles to see if your vehicle has connectivity technology. Based on how the vehicle is equipped, perform a MASTER RESET and complete the appropriate action detailed in number 4 (above). Please read the “How to Tell If a Vehicle Is Sharing Data” section below to learn more. Connected Services such as FordPass Connect (SYNC Connect) and Lincoln Connect, if equipped and activated, may send us Connected Vehicle Information and may have associated multiple accounts that may allow the account user to access vehicle location and services, such as remote start, lock and unlock, and information about vehicle status, such as fuel level.
  • Review the terms and conditions and privacy notices for any third-party services or applications to which you subscribe and/or use while in a Ford or Lincoln vehicle.
  • If you rent a connected vehicle, perform a MASTER RESET before you drive the vehicle and before you return the vehicle to the rental company. Please contact the rental company with any questions.
  • Do not give consent to tailored advertisement.
  • Opt out from selling of your personal information, as well as from Cross-context Behavioral Advertising.
  • Always do a factory reset on your car before selling or trading it away to wipe your data clean and disconnect the app.
  • Before reselling your car, make sure to notify the company.
  • When buying a used car, always make sure the previous owner removed their connected account and performed a factory reset.
  • Always use strong passwords and set up two-factor authentication for apps and services that connect to your car.
  • Only give access to your data to trusted third parties.
  • When connecting a mobile app to the car, make sure to minimize the amount of data collected through this app. You can use iOS or Android settings to limit the data collected through your phone.
  • Opt out from your mobile device's location sharing.
  • Do not use Amazon Alexa in your car if you are concerned about Amazon collecting that voice request information, IP address, and geolocation information and using it to target you with advertising.

Can it snoop on me?

Camera

Device: Yes

App: Yes

Microphone

Device: Yes

App: Yes

Tracks location

Device: Yes

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

We ding this product for sharing lots of personal information including race and ethnicity and geolocation for marketing and advertisement; for gathering personal data from third parties for advertisement, for combining information gathered on you from other sources, potentially including public sources, social media, and data brokers.

Ford/Lincoln California Privacy Disclosures

These are the categories of personal information sold to third parties or shared with third parties for cross-context behavioral advertising and co-branded offerings or joint marketing activities: Personal identifiers, personal records, characteristics of protected classes, customer account details, internet activity, geolocation data, sensitive personal information: race and ethnicity.

Ford shares identifiers with SiriusXM, joint marketing partners and authorized dealers, advertising and digital analytics companies, social media platforms, and data analytics firms; shares Personal Records with SiriusXM, joint marketing partners, authorized dealers, and data analytics firms.

"We have also Sold information about factory-installed vehicle features and options with third parties such as auction companies, insurance companies, authorized dealers, lenders, guidebook providers, vehicle websites, and prospective buyers so that they can verify a vehicle’s features and options and estimate its value. The features and options information that we share with these third parties is linked to the vehicle identification number (VIN)."

Ford/Lincoln Connected Vehicle Privacy Notice

"When Connected Vehicle Information is collected from the vehicle, it may be associated with a vehicle's identification number (“VIN”) or other identifiers, and the VIN or the other identifiers may be linked to you."

Ford/Lincoln US Privacy Notice

"In limited situations, we may collect Vehicle Location, regardless of location settings. We do this to protect and defend our rights or property (including repossessing a vehicle in the event of a delinquency) or to comply with applicable law, to respond to valid legal process (including from law enforcement or other government agencies), or, in the event of exigent circumstances, to help prevent the loss of life or serious injury or help protect the personal safety of Ford personnel, users of our vehicles, websites, or apps, our visitors, or the public."

"Consumer Data Analytics Firms: We receive Demographics and other data from third parties for purposes such as supporting our marketing campaigns and personalizing Products to our customers."

Ford uses data "to promote our products and services and those of our selected partners through marketing, advertising, and sponsorships (see the Cookies section below for information about personalized advertising and your advertising choices and the Choice and Control of Personal Information section for how to change your preferences for promotional communications)."

"Device and Mobile Location: Depending on your device and app settings, we also collect location data from your devices. If your mobile device is connected to your vehicle via Bluetooth or tether, vehicle location may be derived from mobile device location."

"We disclose personal information to other companies that we work together with to offer services to our customers, or to reach potential customers with our marketing messages. Examples include:
- SIRIUS XM. We disclose Contact Information to SiriusXM so that SiriusXM can provide satellite radio offers to vehicle purchasers, including offers for paid subscriptions.
- Advertising and Digital Analytics Companies. Please see the Cookies section of this Notice for a description of how we work with advertising and digital analytics providers.
- Social Media Platforms. We disclose hashed emails from our marketing database or other information we have collected as described in this Notice to social media advertising platforms, such as Facebook, so that they can create Custom Audiences and deliver advertisements on our behalf to their users. Those users are identifiable to the Social Media company when it matches our hashed data to its hashed data of its users.
- Joint Marketing Partners. We disclose information to partners with which we offer co-branded service or engage in joint marketing activities.
- Vehicle Verification and Valuation Partners. We disclose information about factory-installed vehicle features and options to third parties such as auction companies, insurance companies, dealers, lenders, guidebook providers, vehicle websites, and prospective buyers so that they can verify a vehicle’s features and options and estimate its value. The features and options information that we disclose to these third parties is linked to the unique vehicle identification number (VIN)."

Lincoln Way App Privacy Policy:

"Mobile Device Location: Precise location information is collected from your mobile device in connection with location-based functions of Lincoln Way. This information includes Global Positioning System (GPS) data and location derived from IP address. This information can be used to determine your device’s current location, travel direction and speed. If you have enabled location services on your device, this data may be collected when the app is running in the foreground or background. We may also derive your approximate location from other device data such as Wi-Fi access points, cell towers, and your IP address, whether location services are on or turned off, through the permission system used by your mobile operating system."

"We use the personal information we collect to provide you with great functionality and services; allow you to control certain vehicle features; fulfill requests you’ve made in Lincoln Way; make recommendations (if applicable) and personalize your experience, troubleshoot problems; develop new and improved products, services, and marketing strategies; conduct research; to protect safety, property, privacy, and security; and to comply with legal requirements."

"We may combine the information we collect through your use of Lincoln Way or third-party services that integrate with Lincoln Way with other information you have previously provided or that we have collected from other sources."

"Connected Vehicle Information collected through your use of Lincoln Way or third-party services that integrate with Lincoln Way may be associated with a vehicle’s unique identification number (“vehicle identification number” or “VIN”) or other identifiers, and those identifiers may be linked to you."

"We may de-identify information we collect about you and use it for any purpose in accordance with applicable law."

How can you control your data?

We cannot confirm that all users, regardless of location, can get their data deleted.

European versions of the privacy policy mention the right to delete data:
"You have the right as an individual to find out what information we hold about you and for what purposes, as well as to make corrections if necessary. You also have the right in some circumstances to object to our continuing to process your personal information, or to ask us to delete, restrict the use of your information. In some circumstances you can also request that your personal information is provided to you in a commonly used electronic format so that you can share it with other organisations (this is often referred to as the right to 'data portability')."

The US version of the Policy only mentions the right to delete data for California residents.

Many other Policies (for example, for India) do not specify the right to data deletion at all.

"You can access, edit, or delete some of the personal information we have collected by logging into your account and accessing the information displayed in your profile or account settings. For example, if you sign into your owner account on the Ford website and then select your profile, you can view and change your personal information and information about your vehicle(s), as well as change your email contact preferences."

"We retain personal information for as long as necessary to provide the products and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as whether your personal information is reasonably necessary to manage our operations, to manage your relationship with us, or to satisfy another purpose for which we collected the information; whether your personal information is reasonably necessary to carry out a disclosed purpose that is reasonably compatible with the context in which we collected the information; whether the personal information is reasonably required to protect or defend our rights or property; or whether we are otherwise required or permitted to keep your personal information by applicable laws or regulations. Where personal information is used for more than one purpose, we may retain it until the purpose with the latest period expires."

"We only keep your personal information in identifiable form for as long as is necessary for the purposes set out above. This generally means holding the information for as long as one of the following apply:

your information is reasonably required in order to satisfy the purpose for which you submitted or we collected the information;
your information is reasonably required in order to protect and defend our rights or property (this will generally be the length of the relevant limitation period in your jurisdiction); or
we are otherwise required to keep your information by applicable laws or regulations.

Where information is used for more than one purpose, we will retain it until the purpose with the latest period expires.

Once Connected Vehicle Information is no longer needed, it is either irreversibly anonymised or destroyed."

"Multiple accounts can be created on the FordPass / Lincoln Way apps, and more than one account can be connected to a single vehicle. If you drive a vehicle with more than one account connected to it, the user(s) of each account will have access to:
The vehicle's location;
Services that allow the vehicle to be remotely started, locked and unlocked; and
Services that show information about the vehicle's status (for example, its fuel level)."

"Similarly, if you drive a vehicle with the FordPass / Lincoln Way app connected to it, the user(s) of the app will have access to the information and services outlined above."

What is the company’s known track record of protecting users’ data?

Needs Improvement

In 2021, a bug on Ford Motor Company's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc.

Child Privacy Information

We found no children-related privacy information for this product.

Can this product be used offline?

Yes

User-friendly privacy information?

No

Ford/Lincoln has numerous privacy policies for their website, cars, connected services, FordPass app, and more. It is time-consuming to sort through them all. And while they aren't the most difficult to read privacy policies we've ever seen, they are certainly not easy to digest and understand.

Links to privacy information

Does this product meet our Minimum Security Standards?

Unknown

Encryption

Can’t Determine

Ford says, "The connected device sends encrypted data (such as the VIN, SYNC module serial number or other component identifier, odometer, enabled apps, usage statistics and debugging information) to us." However, we cannot determine if all data sitting on the car, including telematic data the car collects as well as data shared when you connect your phone, sits encrypted, and if all collected data is encrypted in transit. We reached out to the company multiple times to attempt to determine this and received no response.

Strong password

N/A

Security updates

Yes

"We periodically release software updates so the vehicle has the latest compatible SYNC version."

Manages vulnerabilities

Yes

Ford runs a bug bounty program under https://hackerone.com/ford

Privacy policy

Yes

Does the product use AI?

Yes

Lincoln employs driver-assist technology in the newer models. It includes pre-collision assist, a lane-keeping system, etc. These features are enabled by numerous cameras, sensors, and radars on the car.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine


Dive Deeper

  • From Ferrari to Ford, Cybersecurity Bugs Plague Automotive Safety
    Dark Reading
  • Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
    Sam Curry
  • Ford bug exposed customer and employee records from internal systems
    Bleeping Computer
  • Ford Narrowly Avoided A Massive Cybersecurity Leak Thanks To Friendly Hackers
    Car Scoops
  • Ford Announces Baidu-Powered SYNC+ for China
    The News Wheel
  • The Amazing Ways The Ford Motor Company Uses Artificial Intelligence And Machine Learning
    Bernard Marr and Co.
  • Ford and Google to Accelerate Auto Innovation, Reinvent Connected Vehicle Experience
    Ford Media Center
  • Popular connected cars from Ford and Volkswagen could put your security, privacy and safety at risk, Which? finds
    Which?
  • Ford Infotainment Privacy Class Action Lawsuit – Illegally Storing & Sharing Private SMS With Law Agencies?
    Consider The Consumer
  • Mark Jones, et al v. Ford Motor Company
    Justia
