Last week, the Mozilla Foundation many went wide-eyed when he revealed that almost every modern car is a “privacy nightmare on wheels.” Mozilla’s findings showed how car companies are allowed to collect huge amounts of their customers’ private information, including data on “sexual orientation” and “sexual activity.” BMW North America saw Mozilla’s report and decided to defend itself with a recent statement.
According to BMW NA, there are five alleged inaccuracies in Mozilla’s report that need clarification. Mostly, however, BMW NA emphasized that customers have the option to opt out of certain data acquisitions.
“All BMW vehicle interfaces allow consumers to choose whether or not to participate in various types of data collection and processing that may occur on their vehicles,” BMW NA said in its statement. “BMW customers can opt out of ALL optional data if they wish [emphasis BMW’s] collection related to their vehicles at any time by visiting their vehicle’s BMW iDrive screen.”
The key piece is opt out. Don’t opt In. In other words, all optional data collection in BMW vehicles occurs by default. Customers, many of whom understandably struggle to fully understand modern infotainment systems, need to go into their Bimmer’s iDrive settings and tell the car to stop spying on them, rather than telling the car that it is allowed to spy on them. And the other things?
“Furthermore, BMW drivers can, at any time, completely disable the transfer of all data from BMW vehicles to BMW services by disabling their eSIM on their vehicles by contacting BMW and completing a form.” It seems like an annoying process, but at least there is a way to completely disable data collection. There is a be careful, though: If you disable the car’s eSIM to stop any data transfer to BMW, you’ll also disable any connected services you may have paid for to extend. According to BMW, customers will voluntarily enable the eSIM and its transfer of data, “since eCall and SoS calls would not be possible after the cellular connection to the vehicle is disabled.” So you can turn everything off, but if you happen to get into an accident and need emergency responders on the line and can’t get to locate your phone, you’re toast.
BMW NA states in its privacy policies that “it does Not sell to its customers personal information, such as names, addresses, driving habits, vehicle identification numbers, or other information related to customers or their vehicles.” However, it does share personal information with dealers and business partners, but only in this last resort when customers “request that we do so.” Behavioral advertising data is said to be collected for its own products, and BMW says it does not send such data to third-party companies for its own marketing.
The automaker adds that customers can delete all their data via an online portal, as well as delete data from the MyBMW app. BMW NA further states that it will voluntarily comply with any customer privacy requests, regardless of the laws of your state. That’s good news, because the Mozilla team said they’re “pretty sure you won’t be able to delete your data if you don’t live in a place where the right is protected by law” in its relationship.
As for collecting insurance data and how fast you can or can’t drive, BMW says it operates an “authorization and consent” program. Customers can select specific companies with whom they wish to share their data via the MyBMW app. According to BMW, any data shared with insurance companies is solely the customer’s choice.
It’s encouraging that BMW provides customers with the ability to opt out of certain data collections and even delete their data, but that doesn’t allay all the valid concerns raised in Mozilla’s research. BMW NA, together with its colleagues, collects a huge amount of personal data and puts the onus on customers to specifically prevent it, which means that data collection takes place under the noses of countless owners. And while it’s nice to know that BMW doesn’t sell personal data, like names, addresses, or VINs, to third parties, that hardly means your data is completely safe with the company. The car companies did it leaked treasures of this information beforeAfter all.
Do you have advice? Send them to tips@thedrive.com