Lawmakers audit automakers over GPS privacy breaches
Lawmakers Audit Automakers Over GPS Privacy Issue
GAO report investigates privacy protections for in-car navigation devices and apps.
January 16, 2014
The Newspaper.com
Ongoing revelations about the depth of domestic spying by the National Security Agency keeps individual privacy in the spotlight. In a report released last week, the Government Accountability Office (GAO) examined whether automakers and the producers of in-car navigation devices have been adhering to recommended privacy practices. The congressional watchdog agency, for the most part, was satisfied with what it found, though it identified a few areas where improvement was needed.
In 2012, 11.8 million motorists took advantage of "telematics" -- in-car communications systems that provide traffic information, navigation and related location-based services. Having access to the location data for so many customers presents opportunity for abuse, from stalking to selling information for advertising purposes.
In conducting the survey, the GAO auditors selected the six companies that sell 75 percent of new cars in the United States -- Chrysler, Ford, General Motors, Honda, Nissan, and Toyota -- along with the navigation device and app developers with the largest market share -- Garmin and TomTom; Google Maps and Telenav. The audit team reviewed documents and interviewed employees at each company.
All ten companies reported that they shared data with third parties to provide better serivces. For example, most automakers hand off the telematics services to another company. All ten also will supply data to law enforcement upon request. Two companies reported providing anonymized data to universities and federal agencies for research purposes.
The companies disclosed these data collection and privacy practices to consumers. The main flaw the GAO identified was the consumer's lack of control over their own information.
"We found that companies obtain consumer consent and provide controls in a variety of ways, but do not allow consumers to request their historical location data to be deleted when data are associated with an individual or vehicle," the GAO reported. "Without the ability to delete their location data, consumers are unable to prevent the use or retention of their data, should they wish to do so."
At the Consumer Electronics Show last week, Ford marketing vice president Jim Farley raised eyebrows on the subject of in-car privacy.
"We know everyone who breaks the law, we know when you're doing it," Farley said. "We have GPS in your car, so we know what you're doing. By the way, we don't supply that data to anyone."
US Senator Al Franken (D-Minnesota) responded Tuesday with a letter demanding Ford CEO Alan Mullaly reconcile Farley's statement with the GAO finding that Ford did, in fact, share data with third parties.
"I believe this is too little transparency," Franken wrote. "American drivers deserve better -- and Mr. Farley's latest statements underscore this problem."
A copy of the GAO report is available in a 1.3mb PDF file at the source link below.
Source: In-car location-based services (Government Accountability Office, 1/6/2014)