auto manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record and intercept customers’ private text messages and mobile phone call logs.
But the appellate judge ruled Tuesday that the interception and recording of mobile phone activity did not meet the Washington Privacy Act’s standard
Privacy is a fundamental human right.
Just not in Usa, as it seems. Here it is indeed the law that needs to be fixed.
https://www.humanrightscareers.com/issues/is-privacy-a-human-right/
To be fair, pretty much every government breaks its own rules, particularly when privacy is involved.
We have the largest and most invasive world governments in the history of the world thanks to the overwhelming technology that allows such a thing. And even governments that pretend to follow the rules just get their buddies in another country to do their dirty work for them. “I can’t spy on you, but England can!”
Yeah and if the government is doing it you know other people have gotten their hands on it and are using it for gains.
Isn’t the EU trying to outlaw end-to-end encryption?
That was France, not the EU
Isn’t this just a basic legal concept?
“In order to claim damages, there must be a breach in the duty of the defendant towards the plaintiff, which results in an injury”
Basically the judge is saying the plaintiff didn’t establish the basic foundation of a tort case. He’s not saying this isn’t wrong, he’s saying they didn’t present the case in a way that proves it.
It’s not enough to say “you shouldn’t be doing this”–even if that’s true.
the question here is, on it’s face does an invasion of privacy constitute an injury? I’d argue that yes, it does. Privacy has inherent value, and that value is lost the moment that private data is exposed. That’s the injury that needs to be redressed, regardless of whether or how the exposed data is used after the exposure. There could be additional injury in how the data is used, and that would have to be adjudicated and compensated separately, but losing the assurance that my data can never be used against me because it is only know to me is absolutely an injury in and of itself.
It sounds like you’d make a better lawyer than whoever brought this case.
I agree with you for whatever it’s worth.
For privacy to have inherent value, it first must be an established, inherent right. Unfortunately, the Constitution doesn’t talk about it to my knowledge. I’ve always inferred that our rights against unlawful search and seizure basically encapsulate the concept, but whatever.
The rights in the fourth amendment are generally a limit on the government, not what a third party does when it has a TOS/contract with you allowing it to do things.
I mean how did I get checks from Google and Facebook for violating privacy then?
The lawyers proved the case
Those checks go to the larger YouTube channels, not people like you and me. Did you mean something different?
/s
Sure except under this logic there’s no injury to someone peering through your windows. After all they didn’t do anything else…
Nice take.
I myself am fine with the ruling, but only if we get a full-ownership deal on the car, and can legally completely gut and replace parts that do that. Also, the car should be sold with a warning label regarding these issues.
Disappointing result but this seems like something for the legislature to fix. Courts aren’t always the solution, sometimes you have to just fix the damn law.
But that would mean the politicians would have to actually work instead of photo ops and promises!!!
This is supposed to be covered by the fourthamendment but that’s been meaningless for over 20 years now
Just like with the first amendment, it doesn’t apply to private companies. The point is to prevent the government from passing tyrannical laws, it was never meant to district the activity of private citizens.
Very true.
Unfortunately corporations are becoming the government, without checks or constraints.
The “unlawful search and seizure” amendment? Why would that apply here?
Are you being serious? They release your data to the police if they ask
The Fourth Amendment will affect police, but it won’t restrict a random person who is given access to something from turning over whatever data they want to police.
Say I hire a painter, and the painter is painting my house’s interior, and sees a bloody knife in my house. He can report that to the police. But, remove the painter from the picture, and the police could not enter to look for such a thing absent a warrant.
'course, the flip side of that is that if the police get a warrant, then they can enter whether I want them in the house or not, whereas the painter can only enter because I choose to let him in.
Not just police, any armed investigatory unit or state sponsored militia. The idea of a “police” force was pretty vague at the time, so the umbrella covers much more than it initially intended to.
Which makes no difference in the provided example.
I never said it did, just a relevant fun fact.
That analogy is tired in the age of mass data collection without consent
I’m just telling you that that’s the way things legally are. You’re arguing about how you feel that they should be.
Is my car a random person? I thought it was an object that I own.
You’re getting a bit off-track here. The scenario is this: the company that provides the software for your care collects data. This part is unconcerned with Amendment 4. Amendment 4 prohibits the State from collecting information and searching unreasonably. It does not prohibit the private company that provides the software from doing so. That is what privacy laws are intended to protect against, not Amendment 4.
Amendment 4 also does not prevent the company that collected that data from providing it to the police upon request. Amendment 4 (and the rest of the US Constitution) applies only to the State. Private companies and private individuals are not bound by it.
Youll own nothing and like it
You’re willingly giving this data to the manufacturer, at which point they’re free to do with that data whatever they please, according to the terms of the agreement you sign, including giving that data to government authorities. The government isn’t unlawfully searching and seizing because they aren’t even forcing the manufacturer to give up the data, they are freely giving it as they are allowed.
This isn’t to say I’m defending the privacy violations or the government, but it is the case that this situation isn’t protected by the constitution, we have to and should make a specific law for it.
You are implying that any data gathered will be delivered to the government upon request (unsure if you are implying with or without a warrant). If you can show me from this article, or even this case, regarding this privacy case that that happened, then yes I agree with you and the fourth amendment applies.
But this issue is between private entities which generally precludes amendments from being applicable. Specifically, the plaintiffs alleged that the infotainment systems collected and stored personal data without consent and violated Washington’s Privacy Act.
I’m not implying anything
An Annapolis, Maryland-based company, Berla Corporation, provides the technology to some car manufacturers but does not offer it to the general public, the lawsuit said. Once messages are downloaded, Berla’s software makes it impossible for vehicle owners to access their communications and call logs but does provide law enforcement with access, the lawsuit said.
America sucks. Seriously. I’m just waiting for another country to bring it to the USA, because it seems inevitable.
People gotta stop putting faith into these ultimately crooked nations.
deleted by creator
I mean ok but the fact that your car is spying on you has to break a thousand big tech nda’s
I wonder how long until we get to jailbreak our cars just so those cock suckers can’t spy on us.
Technically you already can. I just hope you have extensive programming knowledge because you’re going to have to take an axe to the existing code.
May be able to find and remove whatever it’s using as a cellphone antenna.
Sorry your car just stopped working for “safety” reasons.
If that were the case, there would be traffic jams in tunnels across the country due to disabled cars.
Nah, it just detects the presence of the hardware.
But not the faraday cage around the telematics unit.
Yeah I’m not saying it’s impossible. Just not easy.
Obvious next question: how’s the privacy policy on 3rd party stereo makers like Pioneer, Kenwood, Alpine, Jensen, etc.?
Why risk it? Build your own with a raspberry pi and a touchscreen.
Got a link to a good project of that type? I’ve been thinking about this recently.
I haven’t done it myself, so I hesitate to recommend a specific project. But Carpi and OpenAuto are good places to start.
This is what I want, but they make it very difficult to build something with parity unless you’re willing to sniff CANBUS codes one by one
unless you’re willing to sniff CANBUS codes one by one
This would only be necessary for cars with climate control in the touchscreen right?
Or if you have other features you don’t want to downgrade. For example, my 2016 Mazda has errors, oil status, and a bunch of other system info accessed through the headunit.
But I’m a little data-obsessed right now, so I acknowledge I might be the weirdo
Should be better since they usually don’t have an uplink capability. But be real careful of any model that has Internet for any reason.
Well I am still so happy that I decided specifically to get a newish car that doesn’t have a touchscreen or any of this nonsense.
What model did you buy? It is rare to see one these days that doesn’t have all this nonsense.
2015 Buick encore. I did remove the fuse for the OnStar satellite nonsense though.
Thank you for sharing the information!
It can’t be illegal because you agree to allow them when you purchase the new vehicle. It’s all there in the T&C and PP, which no one ever reads. Don’t like it? Don’t buy new cars. I won’t.
So if I buy a used car they can’t do all that right?
Right?
Same privacy policy authorizing them to harvest your data, but older cars have a more limited capability to collect data compared to newer cars filled with sensors, cameras, and phone integrations. Plus older cellular networks are defunct for older vehicles so they can’t just exfil it without you helping or bringing it in to physically access it.
The issue is that this 20 year old car is not going to last forever or have replacement parts available forever. We need better privacy laws, because time and entropy will eventually force us all into this evil mess.
Agreed! What would be amazing though, is a manufacturer who could make a modern safe bare-bones vehicle that didn’t have the tech installed at all. If you want tech you could BYO.
Yes, I drive so rarely I would honestly be happy with any crappy old stereo to save a few thousand bucks. I’m lucky my ~2015 car still has completely separate radio and functions (climate, errors, etc.)
I would want to put in a good dashcam system though. Give me the bones; then let me DIY
Illegal terms in T&C are still illegal regardless of whether you agreed to them or not in the US.
You can get a car, just don’t connect your phone to it.
So ask the judge why car companies want to track judges?
Setting aside questions of legality, it seems kind of like it wouldn’t encourage someone to purchase their cars.
Not a problem! Jack used car prices up to new cars, prevent public infrastructure and provide benefits for cars, all car manufacturers have similar privacy policies. Combine all three and you have customers that need a car to live, might as well get a new one if decade old ones are the same price or have no stock, and suddenly there isn’t much choice.
That only helps when there’s viable alternatives. Since pretty much all auto manufacturers do something like this it’s not really a distinguishing feature.
And even if it was: how much worse/more expensive would a car need to be for you to not pick it over one that reads your text messages. And then ask the same question not for “you”, but for the average consumer. Then be sad …
Yeah but the vast majority of car buyers won’t know about this or care. We’re all privacy advocates here but everyone and their mother is on Facebook or Instagram and is happily giving away all their information already anyway.
We’re all up in arms about this here in this thread, located in a self-selecting micro-community of people centered around a shared interest in the control of our data. If you called your mother and told her about this would it stop her from buying a new car in the future?
Correct, the vast majority of people don’t care.
Wait, how are CARS intercepting mobile activities?
When you connect to Bluetooth, it asks your phone to share call, contact and SMS information.
Think like the old horrible headunit text implementation, the ability to scan your contact list from the car, and see your recent calls.
When you comment to Bluetooth, it asks your phone to share call, contact and SMS information.
So they are intercepting your calls and messages with your permission? I don’t see the problem. If you don’t want them to do that, click “deny” when your phone asks if you want to share them with the car.
I think it’s more of an issue with what the car does with that data. Is it communicated to you in some way, or sent to headquarters to be added to your file for future sale?
If it’s the former, no harm no foul. If it’s the latter, it needs to be burnt with fire.
“I don’t understand, if you don’t want crushed orphans, just don’t toss them in the orphan crushing machine”
Well maybe they shouldn’t have an orphan crushing machine in the first place.
Mozilla tested a bunch. Try a search on the platform and see.
Through android auto and apple car play would be my guess, but i don’t know.
There’s no way Apple lets the automaker access app data from your phone. Apps on the phone can’t even see data from other apps on the phone.
There are two ways I can think of for the infotainment to get the messages. The first is by OCR-ing the CarPlay screen, which is shady as hell. The second is a feature like this one where the car has Bluetooth notification integration.
Regarding OCR theory, the screen never shows messages. It only will read them aloud because you’re driving and shouldn’t be reading your texts.
Apple doesn’t allow it. Users do , when they agree to share whatever let’s the funny nightmare rectangle play trendy and pleasant sounds from car sound nozzles. While also an automated voice reads texts aloud in the name of hands-free, for all occupants (and some outside if the volume is up). And also it needs to contact info, to make calls for all the silly-fillies that want to use siri while driving. And shoot to reply to meemaw with a family photo siri needs to access your images.
Meanwhile your new infotainment system is sending all this off like a $45,000 copier that it is, sending it off in packets when it gets wifi signals, because the kids needed in-car wifi for their Xbox on road trips.
One of the things it asks permission for when hooking up Bluetooth etc is “call history”, “contacts” or “text messages”
I’d assume the system needs those to read it messages or call/redial. It wouldn’t need OCR to do other things with that data
Apple probably just lets it happen.
Just gotta get someone to hack their system. Then it’ll be easy to prove damages
Thank goodness for Signal
If you connect your phone to the car, can it spy on your Signal messages? I mean, they have to decrypt on your end for you to see them, right? Or has Signal taken specific steps to stop this?
At least with my headunit (2015 Toyota). It cannot read the signal messages. Additionally, I remove contact and text permission from Bluetooth to be especially sure.
This is the real answer to everyone. Limit access to the Bluetooth connection or don’t use the headunit.
Thanks for the info!
Yet another item on my list of why I’ll never buy a modern car.