We've already reported that many of the most popular cars on the road are absolute privacy nightmares, while it is well-known that the modern Software Defined Vehicle (SDV) is busy transmitting data to its manufacturer at a shocking rate.
But two US senators, Ron Wyden of Oregon and Edward J. Markey of Massachusetts, have conducted a recent investigation that lifts the lid on the sort of driver data exchanging hands and the measly sums it is sold for.
In a recent letter sent to the Federal Trade Commission (FTC), the pair of privacy advocates highlighted the type of data being harvested, which included how fast a driver accelerated, how hard they braked and how often they went over the speed limit, according to The New York Times.
These figures, which helped insurance companies accurately gauge driver risk, were neatly packaged up and then sold to the highest bidders. But the amount of money changing hands might just surprise you.
According to the investigators, data analytics firm Verisk paid Honda just $25,920 over four years for information about 97,000 cars, which works out to 26 cents per car. Hyundai was apparently paid just over $1 million, or 61 cents per car, over six years.
Unfortunately, GM withheld the exact figures it was making selling its customers' data, but sources close to The New York Times claimed that the automaker sold data on over eight million cars in the "low millions of dollars" range.
Given the right to reply, Chris Martin, a spokesperson for Honda, told The Times that "no identifiable consumer information was shared with any insurance company" without customers’ opt-in.
Similarly, Ira Gabriel, a spokesperson for Hyundai, said that the Bluelink connected car service had informed customers that data would be shared with Verisk when they activated Bluelink at the dealership.
Mining data for dollars
While many automotive manufacturers are championing the rise of connected services that are now available in both commercial and passenger vehicles, the harsh truth is that these companies are also seeing user data as an important revenue stream.
CapGemini, a global consultancy firm, estimates that automotive manufacturers could add as much as $800 billion to their annual revenues by monetizing driver data. Meanwhile, Stellantis, which owns Peugeot, Fiat, Alfa Romeo, Maserati and more, said that by launching its connected car business, Mobilisights, it would generate €20 billion in annual revenue by the end of the decade.
But much like those lengthy and confusing privacy statements that seem to pop up with every smartphone operating system update, the infotainment systems in today’s cars don’t make it easy to understand exactly how your data is being shared.
According to The New York Times, this is the third letter the FTC has received from congress calling for an investigation into the data collection in the US.
"Companies should not be selling Americans’ data without their consent, period," the letter from Senators Wyden and Markey to the FTC stated. "But it is particularly insulting for automakers that are selling cars for tens of thousands of dollars to then squeeze out a few additional pennies of profit with consumers’ private data."
While insurance companies will argue that this 'anonymized' data will assist in calculating more accurate premiums, it could also be deemed as an invasion of privacy. The only way to opt out? Disable the car's internet connection entirely.