778
submitted 9 months ago by rinze@infosec.pub to c/privacy@lemmy.ml

Kenn Dahl says he has always been a careful driver. The owner of a software company near Seattle, he drives a leased Chevrolet Bolt. He’s never been responsible for an accident.

So Mr. Dahl, 65, was surprised in 2022 when the cost of his car insurance jumped by 21 percent. Quotes from other insurance companies were also high. One insurance agent told him his LexisNexis report was a factor.

LexisNexis is a New York-based global data broker with a “Risk Solutions” division that caters to the auto insurance industry and has traditionally kept tabs on car accidents and tickets. Upon Mr. Dahl’s request, LexisNexis sent him a 258-page “consumer disclosure report,” which it must provide per the Fair Credit Reporting Act.

What it contained stunned him: more than 130 pages detailing each time he or his wife had driven the Bolt over the previous six months. It included the dates of 640 trips, their start and end times, the distance driven and an accounting of any speeding, hard braking or sharp accelerations. The only thing it didn’t have is where they had driven the car.

On a Thursday morning in June for example, the car had been driven 7.33 miles in 18 minutes; there had been two rapid accelerations and two incidents of hard braking.

top 50 comments
sorted by: hot top controversial new old
[-] GolfNovemberUniform@lemmy.ml 185 points 9 months ago

I think this should be legally prohibited. Also is it possible to physically disconnected the network modules so they can't send anything?

[-] catloaf@lemm.ee 71 points 9 months ago

If it doesn't already, that's probably going to put you in the high-risk group with other car modders.

[-] ColeSloth@discuss.tchncs.de 16 points 9 months ago

It will be cat and mouse, but I would imagine for the time being, disconnecting the cell antenna on the board would stop it. Who knows what kind of, if any bullshit extra errors and codes that will keep popped up but I'm guessing if it became a popular thing, they would start making cars that will create bullshit errors and codes. I wouldn't do anything permanent until the warranty period is over.

load more comments (1 replies)
[-] sugar_in_your_tea@sh.itjust.works 24 points 9 months ago

Simple answer that should always work: surround the chip/antenna with a faraday cage. The hardest part is finding the chip, not in disabling it.

load more comments (3 replies)
[-] Sabata11792@kbin.social 14 points 9 months ago

I can't wait to see tuturials. I don't know much about cars and would love to see people disable these, or perhaps do something malicious. Not that I have a new enough car yet, but I know one day it's going to be unavoidable.

load more comments (4 replies)
load more comments (13 replies)
[-] agitatedpotato@lemmy.world 146 points 9 months ago

Comprehensive privacy law time? Nahh just ban the Chinese EVs and pretend this doesn't happen. Same thing as tiktok. You'll never be protected as long as they can point to the Chinese boogyman.

[-] Ephera@lemmy.ml 15 points 9 months ago

Yeah, I feel like that's why the EU has such strong privacy regulations. Tech giants in our market are mostly either state-tolerated&-utilized monopolies from the US or state-owned monopolies from China.

load more comments (1 replies)
[-] plz1@lemmy.world 134 points 9 months ago

"Sharing" is a funny way to word a headline. They are selling it, for a profit, because it's legal. It's immoral and shady as hell, but "prevent it or expect it" applies here.

[-] delirious_owl@discuss.online 18 points 9 months ago* (last edited 9 months ago)

Yeah should say "currently legalized sales of personal data" to emphasize that this sort of thing is illegal in many other regions.

[-] kbal@fedia.io 98 points 9 months ago

Last time I drove a rental car I was constantly aware that it was probably tracking everything I did, sending that data back to its owners, who would then sell it on to data brokers and insurance companies and whoever else wanted it.

It was sort of tolerable on a temporary basis, until I got to driving along a road where the speed limit had recently changed. The car helpfully displayed what it thought the speed limit was, and suddenly I had to choose between driving safely and driving according to what the computers presumably wanted to see.

Drivers of the world, do not let your cars have Internet access. No good can come of it.

[-] Codilingus@sh.itjust.works 42 points 9 months ago

Classic JDM shit boxes till I die. Used to be a joke, but since cars have become what are essentially IoT devices, it's become real. 🥲

[-] sugar_in_your_tea@sh.itjust.works 23 points 9 months ago

Yes, the only access to the Internet a car should have is through my phone in an opt-in basis. That way I can stream music, map directions, etc through my phone that I've already made somewhat secure.

load more comments (17 replies)
[-] doricub@lemmy.world 74 points 9 months ago

We don't have to worry about the government tracking us everywhere we go. These corporations will do it for them and then sell the data for a proft.

[-] agent_flounder@lemmy.world 15 points 9 months ago

What a great use of my tax dollars.

[-] Quexotic@infosec.pub 12 points 9 months ago

Not will, do: https://www.politico.com/news/magazine/2024/02/28/government-buying-your-data-00143742

This is how you radicalize a populace. Fuckin stupid move.

load more comments (4 replies)
[-] AliasAKA@lemmy.world 74 points 9 months ago* (last edited 9 months ago)

We need to start poisoning this data. I don’t think the solution is to cut the wires, I think it’s to send bogus data. Just make it so that no matter how I drive, the data is always overwritten that I traveled 5 miles at 30mph average with no hard stops and no hard accelerations. I only ever make that trip. Wanna base my insurance off that? Go for it.

Anyways I lack the technical ability to do this, but wonder if some enterprising person could hack the obd to constantly overwrite the data here.

Again I want to poison this data. It should be illegal, but it’s not. Companies will charge me more if I block it. So the solution is data poisoning imo.

Incidentally we need to be poisoning ALL data brokers and collectors for these types of things.

[-] CancerMancer@sh.itjust.works 40 points 9 months ago

Incidentally we need to be poisoning ALL data brokers and collectors for these types of things.

Go here for a good start: https://adnauseam.io/

load more comments (1 replies)
[-] tal@kbin.social 16 points 9 months ago

It might be nice if auto reviewers included a "privacy rating" for a vehicle based OK whether it broadcasts anything via radio (e.g. cell or tire-pressure systems can be used to identify someone). It's not just auto manufacturers, but anyone who wants to set up a radio monitoring network, if there are unique IDs being broadcast.

I don't know how a reviewer could know whether there's a way for a manufacturer to gather logs during maintenance.

load more comments (1 replies)
load more comments (3 replies)
[-] cyborganism@lemmy.ca 65 points 9 months ago

I still have my 2010 Mazda 3. The only tech it has is Bluetooth connectivity for phone and music and some voice commands for calls.

The day I will change cars will be the day my car completely dies and there's nothing I can do about it, or it becomes illegal to drive, or it gets wrecked in an accident.

I don't ever want the new cars. I hate hate hate the stupid touch tablets they've put to control everything instead of physical knobs, and now this fucking crap where your car spies on you and rats you out to you insurance company.

[-] Reverendender@sh.itjust.works 18 points 9 months ago

They can pry my 2007 Tundra from my cold dead hands.

load more comments (4 replies)
[-] mdd@lemm.ee 10 points 9 months ago

Agreed.

I now need to root my Android and put a new OS so it stops telling Google where I am. I'm slightly afraid as I just want my phone to work when I need it.

I'm sure T-Mobile uses my location data for something too.

[-] Sabata11792@kbin.social 18 points 9 months ago

Everyone calls me paranoid for even just giving a shit about being spied on. Am I supposed to enjoy getting reamed by the rich?

load more comments (6 replies)
[-] JIMMERZ@lemm.ee 49 points 9 months ago

My auto insurance rose 27% this year. My cars sit in a locked garage 20ft away from me practically all week long as I work from home. I was shocked to find my rates rose so high as I barely even drive at all anymore. Their solution was for me to get their data collection puck. What a fucking racket!

[-] towerful@programming.dev 14 points 9 months ago

Apparently a part of that is that EVs are more expensive to insurance companies, so they are spreading that cost around.
My insurance jumped by about 20% as well, after discounts from shopping around.
It cant just be EVs, but when i was searching this was the main reported factor.

Or, all the insurance companies just decided to massively bump rates

[-] Facebones@reddthat.com 11 points 9 months ago

My understanding is that they all got together and decided to raise rates across the board.

load more comments (6 replies)
[-] thesystemisdown@lemmy.world 25 points 9 months ago

It would seem that I'm going to be driving old cars until I die. I also like manual instruments and gauges that make sense. I don't need to watch Netflix rolling along at 70mph. Before anyone schools me on my carbon footprint, I get 37mpg and a tank lasts me about a month.

[-] Classy@sh.itjust.works 11 points 9 months ago

Just got my 2014 RAV4 and I'm in love. I was using rentals between vehicles and Holy Fuck do I hate modern cars. WHY do we need a fucking DIAL for the gear shift? Or BUTTONS? Why do I need a fucking 18" display!!

[-] BakerBagel@midwest.social 11 points 9 months ago

I was pissed that there was no aboiding getting an infotainment system in the car i bought last summer. 2015 Subaru Crosstrek has a sluggishly slow touchscreen that is a danger. Then i took a ride in my uncle's 2022 Outback last year and it felt like a freaking slot machine at a casino. Every control ran through it and it was still disgustingly slow and sluggish.

load more comments (1 replies)
load more comments (3 replies)
[-] ReverendIrreverence@lemmy.ml 24 points 9 months ago

Kinda like those who choose to be in the Progressive Insurance "Snapshot" program where you install an OBD2 dongle that reports a lot of data about your driving habits back to Progressive in the dim chance you drive so well that they will lower your rates.

[-] Adalast@lemmy.world 32 points 9 months ago

Big difference is consent.

load more comments (1 replies)
[-] delirious_owl@discuss.online 11 points 9 months ago

Surely theres someone who has a rasberi pi that reports fake data to this thing? Yes, insurance company, I drive like a Grandma. You're welcome, now give me my discount.

load more comments (5 replies)
[-] JustUseMint@lemmy.world 23 points 9 months ago

Louis Rossman has more than one video on the topic of newer cars that are basically always connected to the internet and all of the data harvesting they do. Here's one

https://yewtu.be/watch?v=OYcmF9IAJbU

load more comments (3 replies)
[-] RootBeerGuy@discuss.tchncs.de 23 points 9 months ago

But you don't have to worry if you got nothing to hide... /s

load more comments (2 replies)
[-] driving_crooner@lemmy.eco.br 21 points 9 months ago* (last edited 9 months ago)

Moving from 64 to 65 also moves you to a different age bracket, I would guess that this is the main reason he saw a general rise on his insurance cost from all the other insurance companies.

[-] snooggums@midwest.social 35 points 9 months ago

True, but the insurance agent told him the spyware report was a factor.

load more comments (6 replies)
[-] Holzkohlen@feddit.de 18 points 9 months ago

I will end up living in the woods at this rate.

load more comments (3 replies)
[-] BestBouclettes@jlai.lu 14 points 9 months ago

We didn't see that one coming huh

[-] HubertManne@kbin.social 12 points 9 months ago

meanwhile I have to pre fill out some forms so the sherrif office can track it if its stolen. It cracks me up how the government getting things is a big deal but corpos then no worries.

[-] JohnDClay@sh.itjust.works 11 points 9 months ago

Is there a way to disable this? Does it report though android auto? Is there a way to prevent those packets sending?

load more comments (4 replies)
[-] MyTurtleSwimsUpsideDown@fedia.io 10 points 9 months ago* (last edited 9 months ago)

Is that the whole text of the article? (paywall) Was there any investigation as to the source of the data on the report? ~~As this is a leased vehicle, I would not be surprised if the data came from a dealer module that they use to immobilize and locate the vehicle if you miss a payment or otherwise violate your lease.~~

According to the report, the trip details had been provided by General Motors

https://archive.ph/lmMp9

[-] something_random_tho@lemmy.world 18 points 9 months ago

Car companies are directly sending this data to the brokers in exchange for “low millions of dollars.” Imagine destroying all consumer trust in a multi-billion dollar brand for so little. I would never even consider buying a GM or any brand involved in this.

load more comments (4 replies)
[-] ITeeTechMonkey@lemmy.world 15 points 9 months ago

Unfortunately its not a third party module but manufacturer built-in features.

Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people’s driving. Some drivers may not realize that, if they turn on these features, the car companies then give information about how they drive to data brokers like LexisNexis.

load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 11 Mar 2024
778 points (98.9% liked)

Privacy

32177 readers
269 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS