I'm a diesel mechanic by trade. for anyone curious to disable your cars data collection the OnStar systems easiest.
under your passenger dash is a black metal box, usually documented. unplugging the harness and removing it, you can open it to expose a baseboard and a riser. the baseboard is for things like infotainment usually but the riser is your cellular modem. pull it and you'll get a warning light on the dash, but no more data collection. older cars will have a Sim in the riser you can pull if thats less invasive to you.
note: OnStar is also disabled and will not dial 911/999 on collision.
This is the correct answer. Found this out when I was doing a ham radio antenna install on my car. The shark fin for the XM radio antenna (that I never use) sits on top of a hole in the roof, and a nice hole in the roof is a the perfect spot for a ham radio antenna, so I removed the shark fin. After disconnecting it I noticed it also disconnected OnStar, GPS, etc. It's all integrated into that fin.
Once disconnected, the car isn't going to be able to send anything even if it tried. Only question is if your car is gonna bitch at you because it's disconnected (mine doesn't).
What is the current legal thinking on the right to privacy while driving, has there been any legal development recently? In a car on public roads, location (for example) isn’t something we have historically had a right to keep private. Companies could, and the government sometimes does, legally track license plates or RFID tags on some roads (esp. state borders, bridges, HOV lanes).
So we’ve never had a right to not have our whereabouts known or tracked, but companies and the govt have also never been able to track everyone extremely easily until recently. So there’s legitimate concern that the ease and scale of location tracking mean that we should perhaps establish a right to some privacy, but I’m not sure how that stands up to other people’s rights to see you and identify you when you’re in public.
I was just thinking about the famous “Photographer’s rights” pamphlet that has gone around the internet for a while, and people who post YouTube videos of being harassed by police or security guards who claim photos can’t be taken of a building or site when the photographer is standing on public ground. The pamphlet patiently explains that you’re allowed to photograph anything visible from public land. Googling, I see a page at ACLU dedicated to the same idea https://www.aclu.org/issues/free-speech/photographers-rights
I’m thinking about the future: imagine people made a stink about cars transmitting this data, and companies deciding instead to install cheap cameras everywhere on all roads. How do the photographer’s rights interact with people’s expectations for privacy? What should we expect, and what expectations are unrealistic and need adjusting? Are there any developments were lawmakers are addressing where the right boundaries are between public rights, private data, and the scale of cheap ubiquitous digital tracking?
> What is the current legal thinking on the right to privacy while driving
I think it’s pretty clear from precedent you have none.
Every vehicle displays a unique number in large, readable type, and has for longer than any person has been alive. I haven’t seen any objections.
The same applies to driving licenses that are covered in very personal information which is handed over willy-nilly to anyone who asks for it.
In California they make it clear that driving is a “privilege”, not something in which you have any rights.
Edit: another example: notice that the automatic toll collection systems are always implemented as registration+billing based systems rather than as any kind of privacy-protecting cash-like schemes.
I think problem here is one of trying to limit the "pre-crime" instead of the crime itself. We have a problem with companies using mass data surveillance to keep track of the movements, generally of large amounts of people. Trying to stop this by creating laws that prevent taking pictures is almost doomed to fail.
Along the same lines, if an office follows someone (they believe might be related to a crime, etc) around town to track their whereabouts, that seems within reason. If the police force (using advances in technology) tracks the whereabouts of all people at all times, it's unreasonable. It's the same thing, just at a different scale.
We need to find an effective way to allow the "components" of something that isn't allowed, without allowing the thing itself.
This is just my anecdata, but over 30 years of driving, it's only the last 2-3 that have felt like a large percentage of driver no longer care about traffic rules.
It used to be it was rare for me to see a major violation. Now it's is literally every single time I go for a drive or ride my bike, at least in the city of San Francisco, that see (a) someone running a red light, (b) someone turning right from the 3rd lane (meaning they should be in the first lane), (c) someone turning left illegally before the on-coming traffic when the light turns green, (d) driving for blocks in the bus only lanes, I even saw someone drive down the wrong way down a one way street to take a short cut. Often I see 2 to 3 of these during a single outing.
If more surveillance would stop this then I'm for it.
I'm curious what changed (a) my noticing ... I really don't think that's it but it's possible (b) people for some reason no longer giving a fuck (c) too many video games (half joking, half not, personally love video games but of course in a video game you drive however you want. Of course you also kill people in video games (d) cycling culture bleeding into driving culture. (e) ....
I have no idea what current legal thought is, but I would hope that it factors in how data is collected. There is a world of difference between observing someone in a public space and using a device attached to private property to collect data. Likewise, there is a difference between passive observations and what is effectively stalking someone.
As for photographer's rights, I work in a public space. I don't care whether people photograph me unless it crosses the line of harassment. Likewise, if I notice someone taking photographs of other people's children, I will do my best to make them feel uncomfortable with their actions. Context is always important.
The idea of what is public and private data is also constantly changing. I recall governments making public data available online in the mid to late 1990's. Records that you could visit government offices for in prior decades (e.g. certain types of property records) were viewed in a very different light once they became easily accessible. These changes will continue to handle, in part to balance rights but also because we need to address an imbalance of power due to an imbalance in access to information.
> The pamphlet patiently explains that you’re allowed to photograph anything visible from public land.
this might be true in the USA but it is definitely not true in Japan. People's right to privacy trumps your right to take pictures in public. In crowds it's usually not a problem but make a particular person the subject of your photo and you could easily get in trouble. Same for buildings if you publish the photo
There are tech companies that have cameras that track all the vehicles that drive by their campus HQs -- and report the activity back to the city/police
True to HN form the proposed remedies tend to be technical in nature (though not necessarily wrong). This is another one of those problems best rectified with legal protections, not blog posts about how to disconnect the antennas. At the state level (in the US) it would be manageable to pass laws limiting or banning these practices, and that should be the first response. Of course backing that up with technical workarounds doesn’t hurt, either…
I didn't see a blog post with instructions on how to remove the antennas. Got one? I'd love to do this. I'd love even more to pay a mechanic to do this but I'm not even sure what I'm asking for. I think there are 3 two way radios in my car, Sirius and 2 cellular modems from what I can glean from the user's manual. It's a 6 month old $50k car; asked about it on a subreddit and someone said it would probably void my warranty - fucking awesome.
Legal protections would be nice, but I'd like to stop being stalked _immediately_.
> Vehicle Data... After your Vehicle’s ignition is turned off, the Vehicle transmits the location of the Vehicle and the time it was turned off.
If every car with Sirius installed transmits the time and location when it was switched off to marketers, that would close the loop on all those "I just moved to this place and I'm getting local robocalls to my cell number".
>"I just moved to this place and I'm getting local robocalls to my cell number"
This is more than likely just a combination of National Change of Address database (which is updated daily, I think, and there seems to be a lot of companies selling it) and some marketing information from one of many services that sell it, almost all of which contain your cell phone.
I really despise the "smartphone on wheels" trend. I got a used Mazda 3 which doesn't have any of that, the new models come hyperconnected, so you can "see the status of your car with an App" (no thanks).
Is there a list of cars which don't have remote data collection?
This is a great article. I've wondered about that myself:
Forgetting about the smartphone data, many cars have a Navigation system, which means the car itself knows where you are. Is it being communicated in real time, or does the car at least remember?
I actually asked someone who works in car automation this very question, and he said it's really manufacturer-dependent.
The car manufacturers are hoping no one digs into this. So let's dig.
I just started with GM's OnStar. Here's an ominous paragraph in [1]:
If you sell or otherwise transfer your vehicle, it is your responsibility to delete all information (such as contacts, address look-ups, saved map addresses, or preferences) from the vehicle and contact us to transfer or cancel your account. If you do not delete this information, it may remain in the vehicle and may be accessible to future users of the vehicle. For instructions on how to delete information from your vehicle, please refer to your vehicle owner’s manual.
So apparently, if you look a place up (say, the motel where you and your extramarital partner meet), it stays with the car and/or your OnStar account.
many cars have a Navigation system, which means the car itself knows where you are. Is it being communicated in real time, or does the car at least remember?
GPS itself is entirely passive. The last position is definitely stored in the receiver to make it faster to acquire a position fix the next time it's turned on, but the question is whether that is sent outside the car. A standalone GPS unit of the type that people add as an aftermarket accessory, instead of being integrated, will almost certainly not be transmitting its location elsewhere.
My 2016 BMW 118d has a navigation system and a built-in SIM card. It is used in multiple instances (the listed ones): locating/locking/unlocking your car remotely (all optional), start an emergency call, updating the firmware and talking to a messaging server
I'm a little confused by the discussion here. Please forgive me if I've missed something obvious.
Much of the discussion seems to be around the government (usually, but not limited to, police) monitoring the location and operation of a vehicle on public roads.
While I'm not a huge fan of government surveillance, registering a vehicle (and obtaining a driver's license) and monitoring the performance of that vehicle (and its driver(s)) are governmental functions purporting to ensure the safe operation of a vehicle.
Corporate entities, like auto manufacturers, dealers and "tech" companies have no such responsibility, nor do they have any role in (except in abiding by the law/regulation -- e.g., emissions standards).
So, unless there is some sort of government mandate to collect such information, corporate entities have no reason (other than their own profit) to collect location, velocity and/or in-vehicle activities.
IMNSHO, that they do so should be much more concerning than red light or speed cameras, being followed for a few miles by the police, or as is popular where street parking is a thing, checking registration/inspection expiry.
Just as one (or should be) is horrified by the levels of tracking by corporate entities on IOT devices, "smart" TVs, dishwashers(?!?), etc., etc., etc., why are folks focusing on the government here?
They aren't gathering the boatloads of information being collected by the corporate entities (and if the government starts buying such data, they should be smacked down hard!) that are invading/destroying what little privacy we might have.
As such, I don't get why the focus is on the government rather than on the folks actually gathering all this data.
TVs between smartphones and cars. There's still plenty of room for expansion, like your door locks and home climate controls, your medical history/treatment, your votes...
I have a car with Here maps, but it never occurred to me that a side effect of it having a data connection is data collection. I’ve been used to car navigation systems being offline, but it seems newer models like to search online for results, which of course exposes a lot of data to their servers.
I wonder if you turned off the “online” search results and routing if it would shut off data collection, or if you’d have to physically cut off the cell connection.
> Otonomo is one example of the dozens of companies that market their attempts at keeping information anonymous. Otonomo describes its platform as having “privacy and security by design” and notes the use of patented “data blurring” technology to protect user privacy.
> It also has an “Otonomo Driver Pledge” page promising drivers the ability to easily grant or revoke access to personal data,
This doesn't add up. If they collect only anonymized data, then they won't be able to find that customer's data and do anything with it.
I’m surprised that all this web of data hasn’t led to the most meaningful and significant improvement we still need in the car industry: have people who drive dangerous pay more for their insurance. It takes very little time near a road to notice that some people present an order of magnitude more risk than others, and no one has ever tried to confront them about it — at least successfully.
With cars and their drivers killing more than a million people every year, a little constructive feedback would be a major help to avoid so many tragedies.
Wouldn't this be illegal under GDPR? A license plate number can be linked to the owner and therefore can be a PII, as well as car serial number or other identifier.
Also, this shows that no matter if you pay for the product or not, you become the product for squeezing the data anyway.
Also, this could be a national security issue everywhere except US if US government would be able to track the cars all around the world. For example, what if they will track the cars used by defence industry employees or military personnel?
Such tracking equipment should be banned for import, but it is more likely that local government will just ask to provide the data to them too.
> Also, this shows that no matter if you pay for the product or not, you become the product for squeezing the data anyway.
Because it's not due to money, but power. They have the power to put spy devices in so many cars it becomes (near) impossible to buy one without, and so they do it.
A product only respects your rights if you can control it, if you have the power and leverage to change how it works. If you don't, you get user-hostile features whether you like it or not (the Intel Management Engine, and its AMD equivalent, being just two examples).
I have it on good authority that it's not a monopoly if more than one company exists on the planet. In the end it will just be Monocorp and Mozilla, surviving on yearly half-billion monobuck® checks from Monocorp.
It is hard to summarize the situations briefly, but, essentially, the government can do whatever they want and the courts hardly ever slap them on the hands.
(IJ also _fights_ these issues in court pro bono - they are a law firm! - so supporting them looks like a good idea. disclosure: I am not affiliated with them in any form, just a podcast listener and a very minor donor)
I don't know why I never considered that my car may be collecting data on me. I have a Hyundai, and I just went into my settings to turn off as much of this as possible. I wonder if there's a way to disconnect the antenna or deactivate the cell service since I don't need it...
[+] [-] nimbius|3 years ago|reply
under your passenger dash is a black metal box, usually documented. unplugging the harness and removing it, you can open it to expose a baseboard and a riser. the baseboard is for things like infotainment usually but the riser is your cellular modem. pull it and you'll get a warning light on the dash, but no more data collection. older cars will have a Sim in the riser you can pull if thats less invasive to you.
note: OnStar is also disabled and will not dial 911/999 on collision.
[+] [-] vitaflo|3 years ago|reply
Once disconnected, the car isn't going to be able to send anything even if it tried. Only question is if your car is gonna bitch at you because it's disconnected (mine doesn't).
[+] [-] eyelidlessness|3 years ago|reply
[+] [-] nichos|3 years ago|reply
[+] [-] nilespotter|3 years ago|reply
[deleted]
[+] [-] dahart|3 years ago|reply
So we’ve never had a right to not have our whereabouts known or tracked, but companies and the govt have also never been able to track everyone extremely easily until recently. So there’s legitimate concern that the ease and scale of location tracking mean that we should perhaps establish a right to some privacy, but I’m not sure how that stands up to other people’s rights to see you and identify you when you’re in public.
I was just thinking about the famous “Photographer’s rights” pamphlet that has gone around the internet for a while, and people who post YouTube videos of being harassed by police or security guards who claim photos can’t be taken of a building or site when the photographer is standing on public ground. The pamphlet patiently explains that you’re allowed to photograph anything visible from public land. Googling, I see a page at ACLU dedicated to the same idea https://www.aclu.org/issues/free-speech/photographers-rights
I’m thinking about the future: imagine people made a stink about cars transmitting this data, and companies deciding instead to install cheap cameras everywhere on all roads. How do the photographer’s rights interact with people’s expectations for privacy? What should we expect, and what expectations are unrealistic and need adjusting? Are there any developments were lawmakers are addressing where the right boundaries are between public rights, private data, and the scale of cheap ubiquitous digital tracking?
[+] [-] gumby|3 years ago|reply
I think it’s pretty clear from precedent you have none.
Every vehicle displays a unique number in large, readable type, and has for longer than any person has been alive. I haven’t seen any objections.
The same applies to driving licenses that are covered in very personal information which is handed over willy-nilly to anyone who asks for it.
In California they make it clear that driving is a “privilege”, not something in which you have any rights.
Edit: another example: notice that the automatic toll collection systems are always implemented as registration+billing based systems rather than as any kind of privacy-protecting cash-like schemes.
[+] [-] RHSeeger|3 years ago|reply
Along the same lines, if an office follows someone (they believe might be related to a crime, etc) around town to track their whereabouts, that seems within reason. If the police force (using advances in technology) tracks the whereabouts of all people at all times, it's unreasonable. It's the same thing, just at a different scale.
We need to find an effective way to allow the "components" of something that isn't allowed, without allowing the thing itself.
[+] [-] gernb|3 years ago|reply
It used to be it was rare for me to see a major violation. Now it's is literally every single time I go for a drive or ride my bike, at least in the city of San Francisco, that see (a) someone running a red light, (b) someone turning right from the 3rd lane (meaning they should be in the first lane), (c) someone turning left illegally before the on-coming traffic when the light turns green, (d) driving for blocks in the bus only lanes, I even saw someone drive down the wrong way down a one way street to take a short cut. Often I see 2 to 3 of these during a single outing.
If more surveillance would stop this then I'm for it.
I'm curious what changed (a) my noticing ... I really don't think that's it but it's possible (b) people for some reason no longer giving a fuck (c) too many video games (half joking, half not, personally love video games but of course in a video game you drive however you want. Of course you also kill people in video games (d) cycling culture bleeding into driving culture. (e) ....
[+] [-] mdp2021|3 years ago|reply
From public land I can see people sunbathing in their gardens.
For a photographer, there may exist an excuse such as "yes but the landscape in the background"...
For data such as the routes of a car¹, there is no excuse.
(¹Which does not overlap with "what enters or leaves a territory" - monitored in many administrations.)
[+] [-] II2II|3 years ago|reply
As for photographer's rights, I work in a public space. I don't care whether people photograph me unless it crosses the line of harassment. Likewise, if I notice someone taking photographs of other people's children, I will do my best to make them feel uncomfortable with their actions. Context is always important.
The idea of what is public and private data is also constantly changing. I recall governments making public data available online in the mid to late 1990's. Records that you could visit government offices for in prior decades (e.g. certain types of property records) were viewed in a very different light once they became easily accessible. These changes will continue to handle, in part to balance rights but also because we need to address an imbalance of power due to an imbalance in access to information.
[+] [-] asiachick|3 years ago|reply
this might be true in the USA but it is definitely not true in Japan. People's right to privacy trumps your right to take pictures in public. In crowds it's usually not a problem but make a particular person the subject of your photo and you could easily get in trouble. Same for buildings if you publish the photo
[+] [-] walnutclosefarm|3 years ago|reply
Or public air space, for that matter.
[+] [-] samstave|3 years ago|reply
[+] [-] calvinmorrison|3 years ago|reply
[+] [-] ldayley|3 years ago|reply
[+] [-] xanaxagoras|3 years ago|reply
Legal protections would be nice, but I'd like to stop being stalked _immediately_.
[+] [-] jareklupinski|3 years ago|reply
> Vehicle Data... After your Vehicle’s ignition is turned off, the Vehicle transmits the location of the Vehicle and the time it was turned off.
If every car with Sirius installed transmits the time and location when it was switched off to marketers, that would close the loop on all those "I just moved to this place and I'm getting local robocalls to my cell number".
[+] [-] MSM|3 years ago|reply
This is more than likely just a combination of National Change of Address database (which is updated daily, I think, and there seems to be a lot of companies selling it) and some marketing information from one of many services that sell it, almost all of which contain your cell phone.
[+] [-] pilgrimfff|3 years ago|reply
https://www.edq.com/glossary/ncoa/
[+] [-] otikik|3 years ago|reply
Is there a list of cars which don't have remote data collection?
[+] [-] Cupertino95014|3 years ago|reply
Forgetting about the smartphone data, many cars have a Navigation system, which means the car itself knows where you are. Is it being communicated in real time, or does the car at least remember?
I actually asked someone who works in car automation this very question, and he said it's really manufacturer-dependent.
The car manufacturers are hoping no one digs into this. So let's dig.
[+] [-] Cupertino95014|3 years ago|reply
If you sell or otherwise transfer your vehicle, it is your responsibility to delete all information (such as contacts, address look-ups, saved map addresses, or preferences) from the vehicle and contact us to transfer or cancel your account. If you do not delete this information, it may remain in the vehicle and may be accessible to future users of the vehicle. For instructions on how to delete information from your vehicle, please refer to your vehicle owner’s manual.
So apparently, if you look a place up (say, the motel where you and your extramarital partner meet), it stays with the car and/or your OnStar account.
[1] https://www.onstar.com/us/en/privacy_statement
[+] [-] userbinator|3 years ago|reply
GPS itself is entirely passive. The last position is definitely stored in the receiver to make it faster to acquire a position fix the next time it's turned on, but the question is whether that is sent outside the car. A standalone GPS unit of the type that people add as an aftermarket accessory, instead of being integrated, will almost certainly not be transmitting its location elsewhere.
[+] [-] reaperducer|3 years ago|reply
The dealer charges about $200 to do it. It's probably possible for someone to do it on their own, but I don't drive enough to bother looking it up.
[+] [-] spinny|3 years ago|reply
[+] [-] nobody9999|3 years ago|reply
Much of the discussion seems to be around the government (usually, but not limited to, police) monitoring the location and operation of a vehicle on public roads.
While I'm not a huge fan of government surveillance, registering a vehicle (and obtaining a driver's license) and monitoring the performance of that vehicle (and its driver(s)) are governmental functions purporting to ensure the safe operation of a vehicle.
Corporate entities, like auto manufacturers, dealers and "tech" companies have no such responsibility, nor do they have any role in (except in abiding by the law/regulation -- e.g., emissions standards).
So, unless there is some sort of government mandate to collect such information, corporate entities have no reason (other than their own profit) to collect location, velocity and/or in-vehicle activities.
IMNSHO, that they do so should be much more concerning than red light or speed cameras, being followed for a few miles by the police, or as is popular where street parking is a thing, checking registration/inspection expiry.
Just as one (or should be) is horrified by the levels of tracking by corporate entities on IOT devices, "smart" TVs, dishwashers(?!?), etc., etc., etc., why are folks focusing on the government here?
They aren't gathering the boatloads of information being collected by the corporate entities (and if the government starts buying such data, they should be smacked down hard!) that are invading/destroying what little privacy we might have.
As such, I don't get why the focus is on the government rather than on the folks actually gathering all this data.
[+] [-] i67vw3|3 years ago|reply
PC/laptops were first, smartphones were done next and now car are too be 'degoogled'.
Edit:- 'Smart' TV's were between smartphones and cars.
[+] [-] mdp2021|3 years ago|reply
You do not open to security risks when advantages are negligible or even negative (privacy issues make them negative).
[+] [-] pessimizer|3 years ago|reply
[+] [-] jbotdev|3 years ago|reply
I wonder if you turned off the “online” search results and routing if it would shut off data collection, or if you’d have to physically cut off the cell connection.
[+] [-] codedokode|3 years ago|reply
> Otonomo is one example of the dozens of companies that market their attempts at keeping information anonymous. Otonomo describes its platform as having “privacy and security by design” and notes the use of patented “data blurring” technology to protect user privacy.
> It also has an “Otonomo Driver Pledge” page promising drivers the ability to easily grant or revoke access to personal data,
This doesn't add up. If they collect only anonymized data, then they won't be able to find that customer's data and do anything with it.
[+] [-] redtexture|3 years ago|reply
This can be looked up. I suspect it is not their own patent though, so not under their own name.
[+] [-] RyJones|3 years ago|reply
[+] [-] Incipient|3 years ago|reply
[+] [-] bertil|3 years ago|reply
With cars and their drivers killing more than a million people every year, a little constructive feedback would be a major help to avoid so many tragedies.
[+] [-] codedokode|3 years ago|reply
Also, this shows that no matter if you pay for the product or not, you become the product for squeezing the data anyway.
Also, this could be a national security issue everywhere except US if US government would be able to track the cars all around the world. For example, what if they will track the cars used by defence industry employees or military personnel?
Such tracking equipment should be banned for import, but it is more likely that local government will just ask to provide the data to them too.
[+] [-] AinderS|3 years ago|reply
Because it's not due to money, but power. They have the power to put spy devices in so many cars it becomes (near) impossible to buy one without, and so they do it.
A product only respects your rights if you can control it, if you have the power and leverage to change how it works. If you don't, you get user-hostile features whether you like it or not (the Intel Management Engine, and its AMD equivalent, being just two examples).
[+] [-] WarOnPrivacy|3 years ago|reply
If auto financing taught us something, it's that manufacturers are compelled to control every monetization opportunity.
I expect car companies will soon give their partners a choice - either sell yourselves to us or get locked out.
[+] [-] pessimizer|3 years ago|reply
[+] [-] sam-s|3 years ago|reply
It is hard to summarize the situations briefly, but, essentially, the government can do whatever they want and the courts hardly ever slap them on the hands.
(IJ also _fights_ these issues in court pro bono - they are a law firm! - so supporting them looks like a good idea. disclosure: I am not affiliated with them in any form, just a podcast listener and a very minor donor)
[+] [-] byteduck|3 years ago|reply
[+] [-] colordrops|3 years ago|reply
[+] [-] LAC-Tech|3 years ago|reply
[+] [-] Pakdef|3 years ago|reply
[+] [-] rad_gruchalski|3 years ago|reply
[+] [-] mertd|3 years ago|reply
Someone really needs to qualify the boundaries of what is considered a breach of privacy.
Sending location, heading and speed anonymously is perfectly ok by me because in return we all get real time congestion aware routing.