by dualvariable 37 days ago
This is one of those things that can't ever be solved with individual solutions but needs to be solved through legislation and standards, and ideally a fundamental right to privacy (and a fundamental redefinition of what privacy means when it comes to corporate surveillance of individuals).

Your point is aptly demonstrated by the article — the car may still use tethering via Bluetooth to exfiltrate your data[1]. The workaround of always using a wired connection is both inconvenient and unreliable — the same facility could be added for wired connections at any time.

I would like to see some form of IP/property rights applied to user data, with treble damages for willful infringement.

The entire concept of collecting user data and calling it “telemetry” needs to be abandoned — including (especially) in the software industry. Collecting any user data ought to be something that makes corporate lawyers nervous.

Unfortunately, I expect that to happen roughly after hell freezes over.

[1] I couldn’t confirm that any car currently actually does this. Hypothetically, iPhone tethering is possible over both USB and Bluetooth if personal hotspot is enabled.

Needless to say, cars in the UK/EU have no such privacy invading features without an explicit opt-in thanks to sensible data protection legislation; including the GDPR.

The FUD spouted on here by the scummy adtech industry about legislation to protect YOUR privacy is mind boggling. These are the people doing the digital equivalent of sniffing your underwear to work out what you had for breakfast.

(And before somebody shouts FUD about the UK/EU vehicle eCall 112 system, that certainly doesn't track you or seek to invade your privacy on any level!)

> cars in the UK/EU have no such privacy invading features

If you say so.

Maybe if you buy the car with cash, but if you finance it you are leasing from a company that has definitely accepted all the terms and conditions to capture and sell all the telemetry to various parties.

>without an explicit opt-in

Check out a modern Volvo/Audi/whatever; they are making it so difficult to say no every single time the screen is powered on.

In addition to the eCall system, note there is also the mandatory OBFCM (On-board Fuel and/or Energy Consumption Monitoring Device), that data is then downloaded from the vehicles using OBD during checks.

The data is anonymized and you can opt out, but many people probably don't know it's collected in the first place.

> Needless to say, cars in the UK/EU have no such privacy invading features without an explicit opt-in thanks to sensible data protection legislation; including the GDPR.

Automotive EE here... You are completely wrong and your rationale is based on misunderstandings of the laws.

I have absolutely no idea how the laws work either, we’re the same. But, I promise you every single car in the EU with GPS and cell is reporting telemetry. Every and all.

Replying to my own comment to inform the reader that the fluctuation in moderation points I'm seeing is, frankly, extreme! It looks like my parent comment has really touched a nerve here on HN: Privacy supporters vs. Adtech supporters, or maybe those who believe in rule of law, and those who think they can do what they like with others' private data.

> (And before somebody shouts FUD about the UK/EU vehicle eCall 112 system, that certainly doesn't track you or seek to invade your privacy on any level!)

How do you know?

BTW, checking all the opt-ins is usually the first thing the sales person does when selling a new car.

I'm tempted to say "oh you sweet summer child", because it seems just unbelievable that the statement is true (in the sense that the small print in rental cars and sales contracts doesn't allow it, or it's done by law enforcement agencies surreptitiously).

But maybe it IS true. I know it's legally mandated.

> it seems just unbelievable that the statement is true

So do you think UK/EU vehicle manufacturers are deliberately in mass breach of data privacy law... fully knowing the cost of a consumer backlash, fines and vehicle recall costs to fix any law breach?

Really?

It's genuinely amazing how many Americans on here (a tech news site!) are unaware of data privacy law and expectations outside their homeland.

> So do you think UK/EU vehicle manufacturers are deliberately in mass breach of data privacy law... fully knowing the cost of a consumer backlash, fines and vehicle recall costs to fix any law breach?

They were also in mass breach of vehicle emission laws. The fact that there was some backlash (although people didn't really stop buying VAG cars), people got prosecuted, the company got fined, didn't really change their decisions while they were pumping out fraudulent cars.

Yes, we should have privacy laws like this in the EU, this is a good thing! But thinking that, when these laws are in place, all companies magically will follow them is naive. To them it's still a cost/benefit analysis, and history has shown short term benefit trumps many other things for these companies.

ONE company did it (not a mass of them), resulting in massive fines and prosecutions; they certainly aren't going to do it again!

I'd also suggest the backlash from breaches in data privacy would be much larger than from fiddling emissions tests (as evil as the latter was, it actually saved many customers money on a (more polluting) car with higher performance).

https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal#O...

> After news broke out of Volkswagen cheating on diesel emissions, multiple other vehicle manufacturers got caught falsifying emissions data, as well as exceeding legal emission limits. This uncovered a greater industry-wide issue that goes far beyond only Volkswagen Group.

> To them it's still a cost/benefit analysis, and history has shown short term benefit trumps many other things for these companies.

Doesn't that depend on the company though? Not all companies are focused in the same amount on short vs long term benefits.

There are costs of not following the regulation (example, did not check in detail: https://www.enforcementtracker.com/) and I do not hear (media, social network, etc.) anybody complaining about fines so I think it will just continue and hopefully will change their opinion at some point.

I really do think there is a good chance that say MI5 or the BND or the DGSE flagrantly ignore the law to catch non-national evildoers, just as much as in the US. The temptation to do this 'in the name of security' is very high.

Of course, I can't or won't prove it.

And yes, I am _intimately_ familiar with the GDPR and other laws and regulations. The US also had (has) wiretapping laws that would have prevented snooping on Americans.

I'm not claiming the EU is no better than the US, it clearly has better intentions. But fundamentally, I think the EU will end up in the same place as the US sooner or later, simply because the same forces are at play: desire for security >> desire for privacy for most people if the rubber hits the road.

Here's some fun reading for those who seek more info:

https://www.politico.eu/article/germany-privacy-watchdog-sid...

https://www.bnd.bund.de/EN/Service/PrivacyPolicy/privacypoli...

https://www.lexxion.eu/?newsletters_method=newsletter&id=477

Yes.

Or, more succinctly - they are likely following the law but have figured out a way to avoid it as written using consumer opt-in and dark patterns.

You call it FUD, but this is hacker news and with overwhelming incentives it is not unreasonable to ask for verification that data isn’t being exfiltrated.

It's quite easily solved. Stop buying them. There's lots of cars out there that don't have these fun features. Buy them.