[embedding-shape]

And once you've gotten rid of Google and Apple, your telecom company tracks you, your CC payments help track you and even cameras in public do.

It's hard to not want to throw your hands in the air screaming "whatever" when almost everything you use in public is somehow used to track you either as you move around, or in the future.

[dualvariable]

This is one of those things that can't ever be solved with individual solutions but needs to be solved through legislation and standards, and ideally a fundamental right to privacy (and a fundamental redefinition of what privacy means when it comes to corporate surveillance of individuals).

[frumplestlatz]

Your point is aptly demonstrated by the article — the car may still use tethering via Bluetooth to exfiltrate your data[1]. The workaround of always using a wired connection is both inconvenient and unreliable — the same facility could be added for wired connections at any time.

I would like to see some form of IP/property rights applied to user data, with treble damages for willful infringement.

The entire concept of collecting user data and calling it “telemetry” needs to be abandoned — including (especially) in the software industry. Collecting any user data ought to be something that makes corporate lawyers nervous.

Unfortunately, I expect that to happen roughly after hell freezes over.

[1] I couldn’t confirm that any car currently actually does this. Hypothetically, iPhone tethering is possible over both USB and Bluetooth if personal hotspot is enabled.

[GJim]

Needless to say, cars in the UK/EU have no such privacy invading features without an explicit opt-in thanks to sensible data protection legislation; including the GDPR.

The FUD spouted on here by the scummy adtech industry about legislation to protect YOUR privacy is mind boggling. These are the people doing the digital equivalent of sniffing your underwear to work out what you had for breakfast.

(And before somebody shouts FUD about the UK/EU vehicle eCall 112 system, that certainly doesn't track you or seek to invade your privacy on any level!)

[monegator]

>cars in the UK/EU have no such privacy invading features If you say so.

Maybe if you buy the car with cash, but if you finance it you are leasing from a company that has definetly accepted all the terms and conditions to capture and sell all the telemetry to various parties

>without an explicit opt-in

check out at a modern volvo/audi/whatever, they are making it so difficult to say no every single time the screen is powered on

[tpm]

In addition to the eCall system, note there is also the mandatory OBFCM (On-board Fuel and/or Energy Consumption Monitoring Device), that data is then downloaded from the vehicles using OBD during checks.

The data is anonymized and you can opt out, but many people probably don't know it's collected in the first place.

[SV_BubbleTime]

> Needless to say, cars in the UK/EU have no such privacy invading features without an explicit opt-in thanks to sensible data protection legislation; including the GDPR.

Automotive EE here... You are completely wrong and your rationale is based on misunderstandings of the laws.

I have absolutely no idea how the laws work either, we’re the same. But, I promise you every single car in the EU with GPS and cell is reporting telemetry. Every and all.

[GJim]

Replying to my own comment to inform the reader that the fluctuation in moderation points I'm seeing is frankly, extreme! It looks like my parent comment has really touched a nerve here on HN: Privacy supporters Vs Adtech supporters, or maybe those who believe in rule of law, and those who think they can do what they like with others private data.

[M95D]

> (And before somebody shouts FUD about the UK/EU vehicle eCall 112 system, that certainly doesn't track you or seek to invade your privacy on any level!)

How do you know?

BTW, the checking all the opt-ins is usually the first thing the sales person does when selling a new car.

[golem14]

I'm tempted to say "oh you sweet summer child", because it seems just unbelievable that the statement is true (in the sense that the small print in rental cars and sales contracts doesn't allow it, ot it's done by law enforcement agencies surrepticiously).

But maybe it IS true. I know it's legally mandated.

[GJim]

> it seems just unbelievable that the statement is true

So do you think UK/EU vehicle manufactures are deliberately in mass breach of data privacy law... fully knowing the cost of a consumer backlash, fines and vehicle recall costs to fix any law breach?

Really?

It's genuinely amazing how many Americans on here (a tech news site!) are unaware of data privacy law and expectations outside their homeland.

[jaapz]

> So do you think UK/EU vehicle manufactures are deliberately in mass breach of data privacy law... fully knowing the cost of a consumer backlash, fines and vehicle recall costs to fix any law breach?

They were also in mass breach of vehicle emission laws. The fact that there was some backlash (although people didn't really stop buying VAG cars), people got prosecuted, the company got fined, didn't really change their decisions while they were pumping out fraudulent cars.

Yes, we should have privacy laws like this in the EU, this is a good thing! But thinking that, when these laws are in place, all companies magically will follow them is naive. To them it's still a cost/benefit analysis, and history has shown short term benefit trumps many other things for these companies.

[GJim]

ONE company did it (not a mass of them), resulting in massive fines and prosecutions; they certainly aren't going to do it again!

I'd also suggest the backlash from breaches in data privacy would be much larger than from fiddling emissions tests (as evil as the latter was, it actually saved many customers money on a (more polluting) car with higher performance).

[vladms]

> To them it's still a cost/benefit analysis, and history has shown short term benefit trumps many other things for these companies.

Doesn't that depend on the company though? Not all companies are focused in the same amount on short vs long term benefits.

There are costs of not following the regulation (example, did not check in detail: https://www.enforcementtracker.com/) and I do not hear (media, social network, etc.) anybody complaining about fines so I think it will just continue ad hopefully will change their opinion at some point.

[golem14]

I really do think there is a good chance that say MI5 or the BND or the DGSE flagrantly ignore the law to catch non-national evildoers, just as much as in the US. The temptation to do this 'in the name of security' is very high.

Of course, I can't or won't prove it.

And yes, I am _intimately_ familiar with the GDPR and other laws and regulations. The US also had (has) wiretapping laws that would have prevented snooping on Americans.

I'm not claiming the EU is no better than the US, it clearly has better intentions. But fundamentally, I think the EU will end up in the same place as the US sooner or later, simply because the same forces are at play: desire for security >> desire for privacy for most people if the rubber hits the road.

Here's some fun read for those who seek more info:

https://www.politico.eu/article/germany-privacy-watchdog-sid... https://www.bnd.bund.de/EN/Service/PrivacyPolicy/privacypoli... https://www.lexxion.eu/?newsletters_method=newsletter&id=477

[sailfast]

Yes.

Or, more succinctly - they are likely following the law but have figured out a way to avoid it as written using consumer opt-in and dark patterns.

You call it FUD, but this is hacker news and with overwhelming incentives it is not unreasonable to ask for verification that data isn’t being exfiltrated.

[idiotsecant]

Its quite easily solved. Stop buying them. There's lots of cars out there that don't have these fun features. Buy them.

[simplyluke]

> your CC payments help track

Not only that. Them and the point-of-sale vendors (aptly shortened PoS), sell that data. They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.

The websites (and even their retail locations) you buy from send your purchase data to meta and other advertisers directly via APIs so they can better track their marketing conversion rates. You can browse their APIs [1][2] to see what kind of data they like to get, but it tends to be every piece of identification they have on you. Rewards programs make this a much richer data set. You don't need to be a user of Google/Meta for them to build a marketing profile based on this. Google links your physical conversion from ads based on your maps data. Facebook does the same if you give them your location data. Many retailers attempt to use the bluetooth/wifi signals from your phone to track the same data even if you pay in cash [3].

There's no legal framework preventing this outside of the EU and California.

1: https://developers.facebook.com/documentation/ads-commerce/c... 2: https://developers.google.com/google-ads/api/docs/conversion... 3: https://www.nytimes.com/interactive/2019/06/14/opinion/bluet...

[lesuorac]

> They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.

Yeah I think the big thing to push or talk about is that there is no such thing as "anonymized".

There's only such as a thing as "can only be identified as X many people". Like for a given dataset you can make any data point correlated to 1 of say 50 people. If somebody is anonymizing data and they don't provide a k-anonmizity [1] you should just assume it's 1:1 and effectively not anonmized.

[1]: https://en.wikipedia.org/wiki/K-anonymity

[BobaFloutist]

I know it wouldn't fix everything, but I think it wouldn't be a bad start to just make it generally illegal to deanonymize data that was collected with the promise of anonymity.

[bamnet]

K-Anonymity isn't the only technique. Differential Privacy is arguably more robust.

[orthecreedence]

> They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.

    let anon_id = md5(SSN);

[like_any_other]

In the good old days, if you were found to be informing on your neighbors to hostile powers, you were liable to find yourself in a mass grave when the political winds shifted, or even sooner.

But now it's so convenient and discreet and common, we think nothing of it. Plus, Google and Apple and Facebook and their partners and everyone they sell data to are our friends, not enemies :)

[brikym]

A friend used to work in ad tech years ago. The telecoms sell real time location data to digital billboard companies which are targeted at whoever is nearby. It's basically minority report. I can definitely imagine they're now using visual processing and face recognition on the billboards.

[everdrive]

Nonetheless I'll still try to maintain what privacy I can.

[B1FF_PSUVM]

You do you, John C. Calhoun of Minerva Road, Springfield, CO.

An agent will be shortly with you to assist in that endeavor.

[kQq9oHeAz6wLLS]

> An agent will be shortly with you to assist in that endeavor.

In some parts of the world that's a death sentence for the target. In other parts, it's one for the agent.

[B1FF_PSUVM]

Oh, please. We're not cavemen here. A little coaching on internet best practices, a dash of psychological assistance, perhaps a girl scout cookie or two ...

[drnick1]

> And once you've gotten rid of Google and Apple, your telecom company tracks you, your CC payments help track you and even cameras in public do.

Maybe, but what happens without the mod described is that Google and Apple track you in addition to the telecom company. That, of course, assumes that you carry a cell phone tied to your identity. Some people refuse to carry cell phones altogether because of the privacy implications, or use them mostly in airplane mode with an anonymous SIM for backup.

[abc123abc123]

True, but we must not let the perfect be the enemy of the good. I don't own a smartphone, so neither google nor apple track anything about me that way. I leave my dumbphone at home when I'm out and about, so it basically works like a traditional landline phone, again, no data there (except for phone calls and textmessages of course).

My car is old, so no gps/trackers there, but this is troubling of course. I think that if/when I buy a new one, it has to be either some vintage car, or I have to find a workshop who can rip out all the tracking.

CC payments can be mitigated by paying cash, when available. But yes, CC and bank are a concern and so is CCTV.

[HeyLaughingBoy]

Whenever these "privacy concerns" come up, I can't help but remember Elf Sternberg (whatever happened to him?) mentioning in 1998 that online privacy was a lost cause because everything you did was in a database somewhere. The only thing that's changed in the intervening 28 years is that we produce even more data.

[HeyLaughingBoy]

> (whatever happened to him?)

He's apparently now better known for other aspects than his insights into large databases!

[jazzyjackson]

I use a googleless flip phone and just don't do anything important on it, and leave it behind often. We didn't always carry tracking devices with us, you can choose not to.

You can also buy an older car that doesn't come with a SIM card installed.

[abc123abc123]

This is the way! But note that telcos are working hard to ban dumbphones from their networks. There is a clear push to force people to dump dumbphones and accept the digital surveillane device.

Should that happen, I will move to a VoIP provider. Not perfect, but better than a smartphone.

[port11]

It’s still worth minimising how many companies get your data, and minimising the data itself. I’m not sure what data Apple and Google get specifically out of their car thingies, but it’s very easy to avoid using their car thingie.

[zekyl314]

Exactly, and more and more places are removing cash as a payment option :(

[razakel]

Cash handling isn't free, and for smaller businesses might actually end up being more expensive than accepting electronic payments.

[bigfishrunning]

If your margins are so razor thin that the cost of handling cash is significant, you need to raise your prices. Cash is legal tender -- not accepting it for in-person transactions is really shitty (maybe shouldn't be allowed?)

[9x39]

> you need to raise your prices.

And if the competitor doesn't? Ouch.

I think there should be a "digital equivalency act" or something to hamper full digital capture, but my feelings aside, there's a few powers that dislike cash:

Free people like cash, but businesses with low-skill/low-trust workers dislike cash because despite the CC fees, there is less theft, less overhead with cash reconciliation, cameras to watch cash with, less safes to manage, less cash pickup services.

The IRS hates it because there is a cash industry (as there should be, imo, but I'm injecting too much opinion already) that doesn't report earnings. I personally know barbers, housecleaners, handymen that admit to reporting no or few earnings, and synthesize a living off cash and benefits. If you stop paying taxes, this actually works pretty well compared to a low-end tax-paying job. My housecleaner takes overseas vacations (like, thrifty ones in hostels) 2-3 times a year this way.

Banks (arguably the IRS again, deputizing them with KYC) squint at you when you deposit or withdraw significant cash - ask any weed industry participants. Untrackable currency is a natural catch-all for people they don't want to bank with, so it's just friction and headache naturally.

[leothecool]

You can't even get coins counted for free at retail banks anymore. Cash handling is too expensive even for the place that ostensibly provides cash handling services to the general public.

[speed_spread]

Just make all your prices round up to the nearest dollar bill after tax. Eliminate coins at the source.

[whamlastxmas]

It's not about "just raise prices", it's about some industries (e.g. upstart restaurants) that already have massive failure rates and have hyper competition. Even airlines don't make money on flights, and instead only on selling credits cards or other perks.

If your operating costs are some percentage higher for accepting cash versus the coffee shop across the street that doesn't, you're more likely to fail.

[bigfishrunning]

If everyone has to accept cash, then everyone has the same costs and the point is moot. At any rate, courts are required to accept legal tender, and I think that requirement ought to extend to businesses as well.

[angoragoats]

> At any rate, courts are required to accept legal tender

Assuming you’re talking about the US here: there is no such requirement, at least not at the federal level. Individual states may have their own laws, but see for example this notice [0] from a Texas federal court that they will no longer accept cash as of May 21, 2021.

[0] https://www.txnb.uscourts.gov/news/notice-court-will-no-long...

[underlipton]

The real problem for those businesses is way upstream of payment processing costs, namely in the cost of business loans, the general poverty of the American consumer, and (for brick-and-mortars) zoning. The latter is a matter of getting municipalities to relax restrictions put in place mid-century literally to support segregation, and the former two are a matter of forcing the wealthy to eat the costs of their poor decisions from the last few decades, rather than continuing to allow them to socialize related losses through avenues like scandalously low labor pay vis a vis productivity and various investment/asset market scams (which, through housing and passive retirement investment, they've roped in Boomers and older Gen-Xers).

If you wish to make an apple pie shop from scratch, you must first invent an economy that isn't hamstrung by legacy obligations from ventures that people who are long-dead somehow were allowed to finance with your paycheck. (Somewhere, a middle-aged nepo-baby is clutching her pearls at the thought, and I just think we should cherish, rather than shy from, the opportunity to throw her and her siblings under the bus.)

[razakel]

"Legal tender" only means it must be accepted to settle a debt.

[rdiddly]

Walking out of the store with groceries generates a debt, no?

[phainopepla2]

I believe that's more likely to generate a criminal charge

[davchana]

No, eating food & then paying is a debt. After the services have been rendered. If seller can pull back the items, never provided the service, no debt.

[fragmede]

You can't go into a store with a gun and demand the cash out of the register if there is no cash.

[skrtskrt]

The actual cost is shrinkage from general human accounting mistakes and all the extra time it takes to manage.

I worked at the gym in college and we sold like one item a day and it was still a whole bunch of work and pain to keep up on the cash counts correct.

I definitely believe that all businesses should take cash as much as is reasonable, but logistically it is understandable why some choose not to

[bigfishrunning]

You shouldn't do that anyway; also, you can't skim a credit card I'm not using/carrying. There are crime arguments on both sides.

[Dylan16807]

Handling cash isn't free, but $0.30 + 3% or whatever is also a significant distance from free.

[asdff]

At least you can shut your cellphone off and pay in cash.

[asdefghyk]

RE .... company tracks you ..... [ somewhat off topis ]

Did you know ... in many countries government tracks car number plates and the data is stored for many years.

[kyleblarson]

1987 4runner, no phone, use cash.

[King-Aaron]

I have heard whispers at times that people who operate 'off grid' like this end up being viewed heavily as persons of interest.

Anecdotally via friends in law enforcement.

[kyleblarson]

I live in Idaho so I don't think that's much of an issue.

[HeyLaughingBoy]

You live in ID and you still have an 87 4-Runner that hasn't fallen apart from rust? I'm doubly impressed.

[techdmn]

Increasingly headed in this direction. Already have the old Toyota and use cash. I've been saying for years that advertising ruined the internet, we're getting to the point where surveillance is ruining computing.

[Henchman21]

Perhaps it's time to give up some convenience for old ways, eh?