Update May 14th: The FTC published a blog post putting connected car companies on notice for “unlawful collection & use” of consumers’ sensitive data.

  • They warned car-makers to “take note” of three actions they’ve taken recently against other companies for abusing their access to sensitive data by sharing it or using it for decision-making without consumers’ consent.

The Federal Trade Commission (FTC) is in charge of protecting US consumers from deceptive on unfair business practices. So if there’s any agency that can hold US car-makers accountable for their terrible privacy practices, it’s them! This is definitely a step in the right direction for cars and privacy.

If you haven't heard our shouts from the rooftops: cars stink at privacy. And now, US Senator Markey is asking that car companies answer to the United States Federal Trade Commission -- the government agency responsible for protecting consumers -- for their over-collecting, sharing, selling, and failure to protect your personal data.

In case you missed it:

  • After launch, our guide made headlines worldwide catching the attention of millions of unhappy consumers. More than 42,000 of you signed Mozilla’s petition asking car companies to stop their huge data collection programs. All that noise was heard by legislators in Europe and the United States.

  • In November 2023, US Senator Markey wrote a letter to the car companies behind the brands we researched (as well as Mazda) saying that the guide “revealed unfettered data collection and privacy intrusions across huge swaths of the automobile industry” and that these practices must end. In his letter, he asked tough questions about data collection, sharing, selling, security, and drivers’ privacy rights with a deadline to respond by December 21st, 2023.

That brings us to today, when two things happened: US Senator Markey and his team published all of the car companies’ responses to his questions. And based on those answers, he wrote another letter… this time to the F-T-C!

Senator Markey calls on the FTC to investigate cars and privacy

So remember those tough questions that Senator Markey asked car companies last year, like whether they’ve ever shared drivers’ personal data with law enforcement, how much money they make off selling your personal data, and whether they make any effort to get their customers’ consent -- and more? Well, we finally got to read the answers!

Senator Markey and his team published them here. Sadly, the “answers” are exactly the kind of evasive non-answers you would expect if you’re used to having your privacy questions ignored by big companies. (It’s OK, it barely hurts our feelings!) In Markey’s own words, they mostly “sidestepped [his] questions,” which is putting it nicely.

So that’s the bad news, that the car companies still won’t answer the questions we -- and Senator Markey -- want answered. We did get a chuckle, as we do, out of the creative ways companies responded. We’ll share those tidbits with you all for your reading pleasure later.

But for now, there’s good news! Because car companies’ responses gave the senator “little comfort” and “ignor[ed] the real privacy risks their data practices create,” he’s now urging the FTC to step in with a public letter to FTC Chairwoman Lina Khan.

This ambiguity and evasiveness calls out for the investigatory powers of the FTC. Given the serious risks to consumer privacy, I urge the Commission to use the full force of its authorities to investigate the automakers’ privacy practices and take all necessary enforcement actions to ensure that consumer privacy is protected. The auto industry cannot become yet another domain that tracks and targets consumers.

United States Senator Edward J. Markey in his letter to the FTC

The Senator and his team attached the car companies’ (non) responses to the letter and again cited our research as well as a follow up New York Times article from December as proof of the potential and real harms that car companies’ unchecked practices can have on consumers. This is a big deal! It’s the FTC’s job to protect American consumers’ rights. And when the FTC investigates and holds companies accountable for their bad behaviors, the whole world watches.

What’s next?

You can count on us to keep you in the loop about cars and privacy, including any moves by the FTC *fingers crossed*. We heard you and know how much you care. We also want to say a huge thank you for reading our research, talking about it, and for signing Mozilla’s petition. Look what we can do together! And we’re not done. With your help, we can raise the bar on privacy worldwide.

Jen Caltrider

Jen Caltrider

Enquanto me dedicava ao mestrado em Inteligência Artificial, deparei-me com uma experiência inesperada: minha verdadeira paixão estava em contar histórias, e não em escrever código. Essa revelação abriu as portas para uma carreira estimulante como jornalista especializada em tecnologia na CNN. Meu verdadeiro propósito sempre foi contribuir para um mundo melhor, e é por isso que lidero a iniciativa *Privacidade não incluída da Mozilla, onde nossa missão é garantir uma privacidade melhor para todos nós.

Misha Rykov

Misha Rykov

Misha, natural de Kiev e radicado em Berlim, possui experiência no setor de tecnologia e consultoria de segurança, e agora faz parte das iniciativas de privacidade da Mozilla. Ele é apaixonado por contar histórias investigativas e não suporta políticas de privacidade confusas. Misha é um defensor de regulamentações de privacidade mais fortes e inteligentes, além de lutar por uma internet mais segura.

Zoë MacDonald

Zoë MacDonald

Zoë é uma escritora e estrategista digital radicada em Toronto, no Canadá. Antes de sua paixão pelos direitos digitais levá-la à Mozilla e ao *Privacidade não incluída, ela escrevia sobre cibersegurança e comércio eletrônico. Quando não está imersa no universo da privacidade em seu trabalho, ela observa com cautela os dispositivos inteligentes em sua casa.

*Privacidade não incluída