auto manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record and intercept customers’ private text messages and mobile phone call logs.
But the appellate judge ruled Tuesday that the interception and recording of mobile phone activity did not meet the Washington Privacy Act’s standard
Privacy is a fundamental human right.
Just not in Usa, as it seems. Here it is indeed the law that needs to be fixed.
https://www.humanrightscareers.com/issues/is-privacy-a-human-right/
To be fair, pretty much every government breaks its own rules, particularly when privacy is involved.
We have the largest and most invasive world governments in the history of the world thanks to the overwhelming technology that allows such a thing. And even governments that pretend to follow the rules just get their buddies in another country to do their dirty work for them. “I can’t spy on you, but England can!”
Yeah and if the government is doing it you know other people have gotten their hands on it and are using it for gains.
Isn’t the EU trying to outlaw end-to-end encryption?
That was France, not the EU
Isn’t this just a basic legal concept?
“In order to claim damages, there must be a breach in the duty of the defendant towards the plaintiff, which results in an injury”
Basically the judge is saying the plaintiff didn’t establish the basic foundation of a tort case. He’s not saying this isn’t wrong, he’s saying they didn’t present the case in a way that proves it.
It’s not enough to say “you shouldn’t be doing this”–even if that’s true.
the question here is, on it’s face does an invasion of privacy constitute an injury? I’d argue that yes, it does. Privacy has inherent value, and that value is lost the moment that private data is exposed. That’s the injury that needs to be redressed, regardless of whether or how the exposed data is used after the exposure. There could be additional injury in how the data is used, and that would have to be adjudicated and compensated separately, but losing the assurance that my data can never be used against me because it is only know to me is absolutely an injury in and of itself.
For privacy to have inherent value, it first must be an established, inherent right. Unfortunately, the Constitution doesn’t talk about it to my knowledge. I’ve always inferred that our rights against unlawful search and seizure basically encapsulate the concept, but whatever.
The rights in the fourth amendment are generally a limit on the government, not what a third party does when it has a TOS/contract with you allowing it to do things.
It sounds like you’d make a better lawyer than whoever brought this case.
I agree with you for whatever it’s worth.
I mean how did I get checks from Google and Facebook for violating privacy then?
The lawyers proved the case
Those checks go to the larger YouTube channels, not people like you and me. Did you mean something different?
/s
Sure except under this logic there’s no injury to someone peering through your windows. After all they didn’t do anything else…
Nice take.
I myself am fine with the ruling, but only if we get a full-ownership deal on the car, and can legally completely gut and replace parts that do that. Also, the car should be sold with a warning label regarding these issues.
Take a page from the conservative/GOP playbook and just find an activity judge who will wholesale accept your fabricated claim and provide a favorite judgement.
Disappointing result but this seems like something for the legislature to fix. Courts aren’t always the solution, sometimes you have to just fix the damn law.
But that would mean the politicians would have to actually work instead of photo ops and promises!!!
This is supposed to be covered by the fourthamendment but that’s been meaningless for over 20 years now
Amendment 4 does not apply to the practices of a private company. That’s what privacy legislation is intended to protect against. Amendment 4 only applies to spying done by the State.
The state is just spying via a proxy.
Do you actually literally believe that (in the context of law), or is that just rhetorical speech?
Dude the 3 letter agencies routinely buy data from these private companies
Correct and it is not illegal. It is an invasion of privacy but the law doesn’t prohibit that. Amendment 4 covers the Government doing it without the permission of the person who controls the information. It refers to “can the Government bust in or sneak in to get info”, not “can the Government make clandestine deals to buy info for surveillance purposes”.
Maybe it’s a loophole to help some friend’s ailing company with federal money
It’s literally what’s happening.
Texas used the same concept to empower private people to sue abortion providers and receivers under civil law since they couldn’t do it criminally.
The country as a whole has done it for a long time with cellphone data, the five eyes alliance, etc.
They have access to information they’re barred from getting directly themselves, and they get it from private companies. Spying by proxy.
If the purpose of collecting the data by private companies is to somehow make money, do you think that sharing this data, or conclusions based on this data, somehow manages to exclude access of governmental agencies? I’ve never gotten the impression that CIA/NSA would ever willingly play nice.
This is getting off-track again—
Government agencies paying private companies for your information, or even just asking for it in exchange for something or nothing is legal. That’s because nothing was searched unreasonably (because consent was given by the controller of the information) nor was anything seized against the controller’s will.
You are not in the picture. The information might be about you but you don’t control the information, the car company does. From a legal standpoint, you are irrelevant for the purposes of Amendment 4 protection.
Amendment 4 protects the controller of the information from Government seizure but does not protect the subject of that information. Privacy laws are what are intended to protect the subjects of information. There is some overlap of course. For example, your computer has lots of information about you and what you did in the past. You would be both the subject of the information and the controller (since it’s stored on your computer).
Please remember, I am describing what the law is, not what it should be.
What
If you want to call it that, you can. The State spying by proxy (paying or asking companies for info) is legal and not prohibited by Amendment 4. Amendment 4 does not protect the subjects of information. It protects the controllers of information (which would be the car company).
Just like with the first amendment, it doesn’t apply to private companies. The point is to prevent the government from passing tyrannical laws, it was never meant to district the activity of private citizens.
Very true.
Unfortunately corporations are becoming the government, without checks or constraints.
The “unlawful search and seizure” amendment? Why would that apply here?
Are you being serious? They release your data to the police if they ask
The Fourth Amendment will affect police, but it won’t restrict a random person who is given access to something from turning over whatever data they want to police.
Say I hire a painter, and the painter is painting my house’s interior, and sees a bloody knife in my house. He can report that to the police. But, remove the painter from the picture, and the police could not enter to look for such a thing absent a warrant.
'course, the flip side of that is that if the police get a warrant, then they can enter whether I want them in the house or not, whereas the painter can only enter because I choose to let him in.
That analogy is tired in the age of mass data collection without consent
I’m just telling you that that’s the way things legally are. You’re arguing about how you feel that they should be.
Not just police, any armed investigatory unit or state sponsored militia. The idea of a “police” force was pretty vague at the time, so the umbrella covers much more than it initially intended to.
Which makes no difference in the provided example.
I never said it did, just a relevant fun fact.
Is my car a random person? I thought it was an object that I own.
You’re getting a bit off-track here. The scenario is this: the company that provides the software for your care collects data. This part is unconcerned with Amendment 4. Amendment 4 prohibits the State from collecting information and searching unreasonably. It does not prohibit the private company that provides the software from doing so. That is what privacy laws are intended to protect against, not Amendment 4.
Amendment 4 also does not prevent the company that collected that data from providing it to the police upon request. Amendment 4 (and the rest of the US Constitution) applies only to the State. Private companies and private individuals are not bound by it.
Youll own nothing and like it
You’re willingly giving this data to the manufacturer, at which point they’re free to do with that data whatever they please, according to the terms of the agreement you sign, including giving that data to government authorities. The government isn’t unlawfully searching and seizing because they aren’t even forcing the manufacturer to give up the data, they are freely giving it as they are allowed.
This isn’t to say I’m defending the privacy violations or the government, but it is the case that this situation isn’t protected by the constitution, we have to and should make a specific law for it.
You are implying that any data gathered will be delivered to the government upon request (unsure if you are implying with or without a warrant). If you can show me from this article, or even this case, regarding this privacy case that that happened, then yes I agree with you and the fourth amendment applies.
But this issue is between private entities which generally precludes amendments from being applicable. Specifically, the plaintiffs alleged that the infotainment systems collected and stored personal data without consent and violated Washington’s Privacy Act.
I’m not implying anything
An Annapolis, Maryland-based company, Berla Corporation, provides the technology to some car manufacturers but does not offer it to the general public, the lawsuit said. Once messages are downloaded, Berla’s software makes it impossible for vehicle owners to access their communications and call logs but does provide law enforcement with access, the lawsuit said.
deleted by creator
America sucks. Seriously. I’m just waiting for another country to bring it to the USA, because it seems inevitable.
People gotta stop putting faith into these ultimately crooked nations.
Will it be another country though? Seems like the power has shifted and is continuing to shift from the nation state.
I wonder how long until we get to jailbreak our cars just so those cock suckers can’t spy on us.
Technically you already can. I just hope you have extensive programming knowledge because you’re going to have to take an axe to the existing code.
May be able to find and remove whatever it’s using as a cellphone antenna.
Sorry your car just stopped working for “safety” reasons.
If that were the case, there would be traffic jams in tunnels across the country due to disabled cars.
Nah, it just detects the presence of the hardware.
But not the faraday cage around the telematics unit.
Yeah I’m not saying it’s impossible. Just not easy.
This is why I keep my 2006 toyota in tip top shape. I will drive that car as long as I possibly can.
I’ve got a 2007 Kia that I’m planning to drive until I can’t fix it anymore
So far that’s proving to be a pretty easy given the cost and availability of parts
Really considering taking out a loan just to fix an old car instead of buying new.
deleted by creator
I’m taking my 2006 Avalon to 300k miles and beyond!
What’s the difference between never connecting your phone to a brand new high tech car and having no tech in an older car?
New car is still connected and is monitoring your driving habits, whether you wear a seatbelt or not, possibly recording your conversations, and even keeping track of your weight with the sensors in the seats.
And monitoring your location, don’t forget about that. You can tell a lot about a person just by seeing where they go every day.
this is why i don’t own a car
In my region, where public transport doesn’t exist much at all, if you don’t drive, you might not eat or work (the lucky few work remotely, but not all).
i’m sorry but are you commenting this for any reason other than to make yourself feel better about owning a car? i see people doing this all the time and i don’t get what other reason there would be to bring it up as the immediate response to comments about going car-free
yes, obviously you can’t live without a car if you need the car to live! but millions and millions of people would actively enjoy life more without a car.
I’m sorry, but are you being this snotty for any other reason than to make yourself feel better for being rude?
Delete this nephew
One of these companies needs to be beached to prove damages, I guess.
Time for an old fashioned beach-off
So ask the judge why car companies want to track judges?
I mean ok but the fact that your car is spying on you has to break a thousand big tech nda’s
Well… fuck. More reason to not buy newer cars. At least you Americans are lucky. You can drive a dinosaur if it met with regulations. You technically don’t have to buy new cars… ever.
The scary thing? Define “new”. This judgment is from a lawsuit in 2014. So any car made in at least the last 9 years is doing this. Maybe newer cars are doing even worse things.
Yep.
Setting aside questions of legality, it seems kind of like it wouldn’t encourage someone to purchase their cars.
Not a problem! Jack used car prices up to new cars, prevent public infrastructure and provide benefits for cars, all car manufacturers have similar privacy policies. Combine all three and you have customers that need a car to live, might as well get a new one if decade old ones are the same price or have no stock, and suddenly there isn’t much choice.
That only helps when there’s viable alternatives. Since pretty much all auto manufacturers do something like this it’s not really a distinguishing feature.
And even if it was: how much worse/more expensive would a car need to be for you to not pick it over one that reads your text messages. And then ask the same question not for “you”, but for the average consumer. Then be sad …
Yeah but the vast majority of car buyers won’t know about this or care. We’re all privacy advocates here but everyone and their mother is on Facebook or Instagram and is happily giving away all their information already anyway.
We’re all up in arms about this here in this thread, located in a self-selecting micro-community of people centered around a shared interest in the control of our data. If you called your mother and told her about this would it stop her from buying a new car in the future?
Correct, the vast majority of people don’t care.
Obvious next question: how’s the privacy policy on 3rd party stereo makers like Pioneer, Kenwood, Alpine, Jensen, etc.?
Why risk it? Build your own with a raspberry pi and a touchscreen.
This is what I want, but they make it very difficult to build something with parity unless you’re willing to sniff CANBUS codes one by one
unless you’re willing to sniff CANBUS codes one by one
This would only be necessary for cars with climate control in the touchscreen right?
Or if you have other features you don’t want to downgrade. For example, my 2016 Mazda has errors, oil status, and a bunch of other system info accessed through the headunit.
But I’m a little data-obsessed right now, so I acknowledge I might be the weirdo
Got a link to a good project of that type? I’ve been thinking about this recently.
I haven’t done it myself, so I hesitate to recommend a specific project. But Carpi and OpenAuto are good places to start.
Should be better since they usually don’t have an uplink capability. But be real careful of any model that has Internet for any reason.
It can’t be illegal because you agree to allow them when you purchase the new vehicle. It’s all there in the T&C and PP, which no one ever reads. Don’t like it? Don’t buy new cars. I won’t.
So if I buy a used car they can’t do all that right?
Right?
Same privacy policy authorizing them to harvest your data, but older cars have a more limited capability to collect data compared to newer cars filled with sensors, cameras, and phone integrations. Plus older cellular networks are defunct for older vehicles so they can’t just exfil it without you helping or bringing it in to physically access it.
The issue is that this 20 year old car is not going to last forever or have replacement parts available forever. We need better privacy laws, because time and entropy will eventually force us all into this evil mess.
Agreed! What would be amazing though, is a manufacturer who could make a modern safe bare-bones vehicle that didn’t have the tech installed at all. If you want tech you could BYO.
Yes, I drive so rarely I would honestly be happy with any crappy old stereo to save a few thousand bucks. I’m lucky my ~2015 car still has completely separate radio and functions (climate, errors, etc.)
I would want to put in a good dashcam system though. Give me the bones; then let me DIY
Illegal terms in T&C are still illegal regardless of whether you agreed to them or not in the US.
Well I am still so happy that I decided specifically to get a newish car that doesn’t have a touchscreen or any of this nonsense.
What model did you buy? It is rare to see one these days that doesn’t have all this nonsense.
2015 Buick encore. I did remove the fuse for the OnStar satellite nonsense though.
Thank you for sharing the information!
Wait, how are CARS intercepting mobile activities?
When you connect to Bluetooth, it asks your phone to share call, contact and SMS information.
Think like the old horrible headunit text implementation, the ability to scan your contact list from the car, and see your recent calls.
When you comment to Bluetooth, it asks your phone to share call, contact and SMS information.
So they are intercepting your calls and messages with your permission? I don’t see the problem. If you don’t want them to do that, click “deny” when your phone asks if you want to share them with the car.
I think it’s more of an issue with what the car does with that data. Is it communicated to you in some way, or sent to headquarters to be added to your file for future sale?
If it’s the former, no harm no foul. If it’s the latter, it needs to be burnt with fire.
“I don’t understand, if you don’t want crushed orphans, just don’t toss them in the orphan crushing machine”
Well maybe they shouldn’t have an orphan crushing machine in the first place.
Through android auto and apple car play would be my guess, but i don’t know.
There’s no way Apple lets the automaker access app data from your phone. Apps on the phone can’t even see data from other apps on the phone.
There are two ways I can think of for the infotainment to get the messages. The first is by OCR-ing the CarPlay screen, which is shady as hell. The second is a feature like this one where the car has Bluetooth notification integration.
Regarding OCR theory, the screen never shows messages. It only will read them aloud because you’re driving and shouldn’t be reading your texts.
Apple doesn’t allow it. Users do , when they agree to share whatever let’s the funny nightmare rectangle play trendy and pleasant sounds from car sound nozzles. While also an automated voice reads texts aloud in the name of hands-free, for all occupants (and some outside if the volume is up). And also it needs to contact info, to make calls for all the silly-fillies that want to use siri while driving. And shoot to reply to meemaw with a family photo siri needs to access your images.
Meanwhile your new infotainment system is sending all this off like a $45,000 copier that it is, sending it off in packets when it gets wifi signals, because the kids needed in-car wifi for their Xbox on road trips.
One of the things it asks permission for when hooking up Bluetooth etc is “call history”, “contacts” or “text messages”
I’d assume the system needs those to read it messages or call/redial. It wouldn’t need OCR to do other things with that data
Apple probably just lets it happen.
Mozilla tested a bunch. Try a search on the platform and see.