
Advertencia: *Privacidad no incluida con este producto
German auto manufacturer Audi is known for their luxury cars, their 4-ringed logo, and their slogan "Vorsprung durch Technik" (Progress through Technology). A subsidiary of the Volkswagen Group, Audi makes electric cars, sedans, coupes, wagons, SUVs, and sporty convertibles. Following along with BMW, they won't win any awards for creativity in naming their cars with models ranging from the Q3, Q5, Q7, and Q6, A4 - A8, the TT, R8, and electric vehicles like the e-tron GT, and q4 e-tron.
Audi offers connected vehicle features through various paid tiers of the Audi Connect services. And their myAudi app lets users do things like remotely lock and unlock your car, check on fuel levels and service appointments, set up speed alerts, and geofence boundaries to alert you if your car goes somewhere outside of a set area. OK, that sounds kinda creepy (and handy too, we suppose). So, how is Audi at privacy? Unfortunately, not great. Turns out Progress through Technology isn't exactly a good thing for your privacy, especially when your data makes Audi money.
¿Qué podría pasar si algo falla?
Uhg, Audi, really?!? Why must you make things so hard for people (especially in the US) who want to buy your cars -- and for privacy researchers! -- to understand your privacy policies? Let's just take a quick (hahaha, just kidding, it won't be quick) look at Audi's privacy policies. First there is Audi Privacy Statement page (US), that links to a privacy policy for Audi cars built 2019 and later (US) and then another privacy policy for Audi cars build 2018 and earlier (US), unless of course you agree to the 2019 and newer privacy policy or use something called Key User or sign up for the Connect PRIME services. Confused yet? We were. Then there is the privacy page for the Volkswagen Group of America (which owns Audi) where consumers can submit a privacy request in the United States, but ONLY if you live in certain states like California with stronger privacy laws. Speaking of California, USA, there's also the link to the Your California Privacy Rights page. If you live outside the US, you can go to their privacy portal (EU) by country and find their EU and other privacy policies (EU) there. And then you have to also read Audi's Connected services privacy policy (EU).
It's a lot to sort through...and that's not even mentioning the various broken links and "unavailable at this time" websites we stumbled across in our search through all of Audi's privacy policies. None of this will make a privacy researcher happy because if we're struggling this much to find and understand Audi's privacy landscape -- and it's our job to do this -- what chance do consumers have to understand how Audi and is collecting, using, sharing, and possibly even selling your personal information and car data? Uhg. Please made navigating your privacy policy ecosystem easier car companies! (We've done our best to link out to all these privacy policies below to help you out).
OK, mini-rant over. Let's get into the details of what Audi's various privacy policies do say (as best we can tell). First off, yes, just like all car companies, Audi collects a huge amount of personal information, car data, and other data on you. Everything from our name, email, phone number, where you live, age, gender, your geolocation data based on your car and phone's GPS, those voice commands you make in the car, and lots and lots of vehicle usage data like vehicle speed, seat belt usage, what the temperature is, and so much more. Oh, yeah, there's also all the data they say they can collect through your use of those connected services like your navigation, music streaming, the speed alerts, and geofencing boundaries you set up for others, and this hugely broad category described in their privacy policy, "and information about your interactions with us, our affiliates, our service providers, Content Providers, or Optional Third Parties related to your vehicle usage."
That's a whole lot of information. That's not all though. Audi goes on to say they can also collect even more information on you from places like data brokers, car dealerships, social media platforms, content providers, and more. And once they have all this information on you they say they can combine it to draw inferences about you and create a big old profile of you "reflecting your preferences and characteristics." Yuck!
So Audi knows a ton about you, your car, your driving habits, the locations you visit, how often you lose your parked car, what streaming music you listen to, how fast you drive, and then they make inferences about who you are and what you like. And THEN they say they can share and even sell that data to third parties for Audi's and these other (mostly) nameless third parties for lots and lots of marketing and advertising purposes. None of this is good. Audi also says they can share your data with the entire huge Volkswagen Group family of companies, Audi dealers, all those Audi connect content providers, and more. Your data gets around!
Audi does a good job protecting all that personal information, vehicle data, connected service and myAudi app usage information right? Nope. Unfortunately, Audi (and their parent company VW Group) have bit of a spotty track record at respecting and protecting all that personal information they collect. Back in 2021 they announced a big old data breach that saw the personal information of 3.3 million users compromised and then offered up for sale by hackers resulting in a $3.5 million class action settlement. Shoot. Audi's own privacy policy warns users that while they maintain "reasonable safeguards to protect your information. Some services, including Audi connect services, may involve the transmission of voice and data from your Audi vehicle over wireless and cellular telephone networks and therefore, we cannot guarantee the privacy and security of conversations or data transmitted to and from your Audi vehicle." So yeah, that's a good reminder that there are no guarantees that your personal information, including things as personal and private as your voice data, will be kept private and safe. It's good to be cautious folks, even if you feel like you have nothing to hide.
All this -- coupled with the fact that not everyone has the same right to request all that personal information Audi collects is deleted or opt-out of data sharing for marketing purposes -- is bad enough. Add in Audi's (and VW Group ) spotty track record of protecting and respecting that data and we've got some big concerns about your privacy if you drive an Audi and connect to it through the myAudi app and use those cool connected services to listen to SiriusXM radio or navigate about town.
So, what's the worst that could happen? Well, dang it if we can't see an abusive partner using those feature Audi touts as a Valet Service to stalk, abuse, and restrict the freedom of an abused partner That, and the fact that you could get targeted with lots of weird ads after Audi infers you're hopelessly single because you like to drive to the same brewery every Friday night while listening to your "I'm soooo lonely" playlist through your streaming music service and then at 3am tend to use the car finder feature to remind you where you parked your car. Yeah, Audi -- or anyone but your best friend and your Mom -- really don't need to know that much about you.
Consejos para protegerte
- Enable the 'Privacy Mode' feature in the myAudi app.
- If you use BMW CarData, only give access to your data to trusted third-parties.
- Always do a factory reset on your car before selling or trading it away to wipe your data clean and disconnect the app.
- Do not give consent to tailored advertisement.
- Opt out from selling of your personal information, as well as from Cross-context Behavioral Advertising.
- Always do a factory reset on your car before selling or trading it away to wipe your data clean and disconnect the app.
- Before reselling your car, make sure to notify the company
- When buying a used car, always make the previous owner removed their connected account and performed a factory reset.
- Always use strong passwords and set up two-factor authentication for apps and services that connect to your car
- Only give access to your data to trusted third-parties
- When connecting a mobile app to the car, make sure to minimize the amount of data collected through this app. You can use iOS or Android settings to limit the data collected through your phone.
- Opt out from your mobile device's location sharing.
- Do not use Amazon Alexa in your car if you are concerned about Amazon collecting that voice request information, IP address, and geolocation information and using it to target you with advertising.
¿Me puede espiar?
Cámara
Dispositivo: Sí
Aplicación: Sí
Micrófono
Dispositivo: Sí
Aplicación: No
Rastrea la ubicación
Dispositivo: Sí
Aplicación: Sí
¿Qué se puede usar para registrarse?
Correo electrónico
Sí
Teléfono
Sí
Cuenta de terceros
No aplica
¿Qué datos recopila la empresa?
Información personal
"Name, address, telephone number, email, preferences, photographs, user-generated content and other materials that you may submit, demographic information, Audi connect subscription information, Key User registration information, Authorized User registration information, and myAudi registration and account information (such as a date of birth or other information to verify your identity), Geolocation data (please note that GPS location tracking is automatically enabled and active before purchase or lease of Audi vehicles), Inferences drawn from any of the information we collect to create a profile about you reflecting your preferences and characteristics. Vehicle- and driving-related information: Vehicle status information (e.g., speed, deceleration, lateral acceleration, wheel revolution speed, whether the seat belts are fastened), Environmental conditions (e.g., temperature, rain sensor, distance sensor), Convenience and Infotainment Features, general vehicle status data (including warning lights, vehicle condition data, and service-related data such as upcoming service schedule, fuel level, battery level, and tire pressure); service history and fault or trouble codes; ambient data (such as outside temperature and brightness); vehicle performance data and other data about your vehicle, including its identification, condition, equipment status, charging data (for electric vehicles), or collision information; vehicle/technology usage data (such as usage of start/stop and remote start technology); driver behavior data (such as vehicle speed, seat belt use, and information about breaking habits); information that you provide when using the Audi connect services, including information you send and information you request; information about your use of Audi connect services, mobile applications and websites; and information about your interactions with Audi, its affiliates, service providers, Content Providers, or Optional Third Parties related to your vehicle usage. If your vehicle is equipped with an Event Data Recorder (“EDR”), crash or near-crash information about the vehicle or driver’s behavior will be recorded in the vehicle."
Información biométrica
Audio, electronic, visual, or similar information, such as call recordings for emergency and customer service purposes, and voice command data.
Información social
¿Cómo utiliza la empresa estos datos?
¿Cómo puedes controlar el uso de tus datos?
¿Qué historial tiene la compañía en cuanto a la protección de los datos de los usuarios?
In June 2021, Volkswagen and its daughter company Audi suffered a data breach affecting 3.3 million users. A few days later, hackers put the data stolen from the car maker for sale on a notorious hacking forum. In January 2023, Volkswagen "agreed to a $3.5 million class action lawsuit settlement to resolve claims their customers’ information was stolen in a data breach spanning several years."
In January 2022 it was reported that VW fired a senior employee after they reported cybersecurity concerns. Audi is a subsidiary of VW Group.
Información sobre privacidad infantil
¿El producto se puede usar sin conexión?
¿La información de privacidad es fácil de entender?
Audi has a complicated privacy policy ecosystem (yeah, I wrote privacy policy ecosystem...trust me, it feels weird even for a privacy researcher to write that) for their cars, apps, website, and more that can be tricky to find, navigate, and understand. For instance, Audi USA has different privacy policies for cars made from 2019 forward and another for cars made in 2018 and older. As part of the Volkswagen Group, they link out to their privacy policies too. Navigating and trying to understand Audi's privacy policies can get very confusing.
Enlaces a información de privacidad
- Audi Privacy Policy by Country Selection Page
- Audi EU Privacy Policy
- Audi Connect EU Privacy Policy
- Audi USA Privacy Statement Portal
- Audi USA 2019 and New Cars Privacy Policy
- Audi USA 2018 and Older Cars Privacy Policy
- Audi USA California Privacy Rights Statement
- Audi USA Privacy Request Portal (Through Volkswagen Group of America)
- German Datenschutz
- German MyAudi App Privacy Policy
¿El producto cumple nuestros estándares mínimos de seguridad?
Cifrado
We cannot determine if all data sitting on the car, including telematic data the car collects as well as data shared when you connect your phone sits encrypted, and if all collected data is encrypted in transit. We reached out to the company to attempt to determine this multiple times and received no response.
Contraseña fuerte
To log into myAudi a strong password is required.
Actualizaciones de seguridad
Gestiona las vulnerabilidades
Anyone can submit a vulnerability according to Audi vulnerability reporting policy.
Política de privacidad
Audi pre sense® systems use radar sensors in the rear bumper to help detect an impending rear-end collision, and can initiate preventive measures. They also use forward-facing camera and radar systems for pedestrian and stationary vehicle detection and preparation.
Audi Driver Assistance systems include adaptive cruise assist, active lane assist, adaptive cruise control with Traffic jam assist, night vision assistant, parking help, etc. These features are enabled by numerous cameras, sensors and radars on the car.
¿Es poco confiable esta IA?
¿Qué tipo de decisiones toma la IA acerca de ti o por ti?
¿La empresa es transparente acerca del funcionamiento de la IA?
¿Tiene el usuario control sobre las características de la IA?
Profundiza más
-
Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyersZD Net
-
Hackers Are Selling Data Stolen From Audi and VolkswagenVice
-
Audi, Volkswagen customer data being sold on a hacking forumBleeping Computer
-
Audi Customer Must Keep Data Breach Claims in Federal CourtBloomberg Law
-
Volkswagen and Audi Hit with Data Breach Class ActionNational Law Review
Comentarios
¿Tienes algún comentario? Queremos escucharte.