Across the world, car makers are offering more subscription-based services for in-car features, from heated seats to hands-free driving, to automated crash recording. This is usually on top of vehicle telematics, GPS tracking, and built-in Wi-Fi systems. Often, these services rely on a constant internet connection, which generates vast amounts of data.
While these features are undeniably convenient, especially for improving safety on the road, the fact that modern vehicles are always transmitting data to manufacturers and third-party providers raises concerns about privacy and surveillance.
Increased Data, Increased Access
Depending on the car brand and the network provider involved, a vehicle with an active subscription often transmits frequent GPS updates, telematics, and crash data, in-cabin audio/video, and driving behaviour like speed and direction. What’s worrying is that sometimes, even drivers who do not maintain a paid subscription may still have their car systems sending back data to the manufacturer.
A recent report by WIRED found that in the United States, internal police training documents showed law enforcement is already leveraging this data to track suspects. They do this through techniques like “pings” (where real-time GPS tracking of known vehicles is used) as well as through “tower dumps” (where they request mobile networks for a list of all devices near a crime scene during a set timeframe).
These tools allow authorities to track suspects, but privacy advocates have warned that it can also be used to sweep up data from bystanders who happen to be near crime scenes.
In one example, a California Highway Patrol presentation explained that vehicles with active subscriptions, such as GM’s OnStar, transmit location data far more frequently than brands like Ford. These discrepancies mean some drivers could be more easily surveilled than others, simply based on the car they drive.
Car Brands in Australia are Collecting User Data
In October 2024, consumer advocacy group CHOICE published a report saying 7 out of 10 of the most popular car brands in Australia collect and share data from drivers often without a clear explanation or meaningful consent.
Here’s what they found:
- Hyundai and Kia: Record voice recognition data inside the car and share it with AI companies like Credence for machine learning.
- Tesla: Captures short video clips and photos from in-vehicle cameras. Reports overseas have shown Tesla workers sharing invasive footage internally.
- Mazda: Collects so-called “voice consumption” data, though the term isn’t clearly defined in its policy.
- Toyota, Ford, MG, and others: Gather driving behaviour data such as speed, braking, acceleration, and vehicle location. Policies allow sharing with insurers and debt collectors.
- Mitsubishi, Subaru, and Isuzu were the only brands reviewed that did not appear to collect or share personal data beyond what’s required for basic services.
Furthermore, a June 2024 CHOICE survey found that 3 in 4 Australians disagreed with car companies collecting audio or video recordings from inside their vehicles.
Australia’s Privacy Framework Faces New Challenges
Australia’s Privacy Act 1988 and Australian Consumer Law provide some protection around personal information. However, these frameworks were not designed with today’s highly connected vehicles in mind.
Unlike other consumer products, cars now operate more like smartphones on wheel and are constantly transmitting data. Without stronger regulation specific to vehicle data, there’s a risk that law enforcement could access vast amounts of information without clear oversight or that manufacturers could share user data without fully informed consent.
Australia has already seen rising debate about metadata access by police without a warrant. Vehicle data could soon become another facet where law enforcement, armed with little more than a subpoena or other low-threshold request, might obtain detailed movement histories or real-time location tracking.
Although Australia has stronger protections against unreasonable search and seizure than some jurisdictions, the global trend suggests that corporate policies often determine privacy standards more than the law itself.
For example, some automakers might require a warrant before handing over data; others may comply with just a simple request, depending on their internal policies. If similar approaches are adopted here, Australian drivers could find their privacy dependent on the brand of vehicle they drive and the network operator they use.
What Australian Drivers Can Do Now
- Read the fine print: Understand your car’s privacy policy before activating any subscription.
- Turn off what you can: Some systems allow you to disable location services or telematics.
- Push for transparency: Demand automakers disclose exactly what data they collect, how it’s stored, and who it’s shared with.
- Support legal reform: Australia’s review of the Privacy Act must include strong protections for vehicle-generated data.
Final Thoughts
Subscription features are beneficial not only because of their convenience but also because they helps keep drivers safe on the road. However, the right safeguards need to be put in place, both from a regulatory and individual standpoint, to protect drivers’ privacy.
Did you find this article interesting? Click the ‘heart’ button above to give it a ‘like’!
