Using the Privacy4Cars tool, we looked at Honda CR-V and Civic models. Honda can collect information about your vehicle (such as fuel levels, tire pressure, and battery charge status); trip log information (such as when you start and end a journey); and airbag system status. There is also information about how you use the connected elements of your vehicle—such as search content, call history information, and voice commands (which could include audio recording). Driver behavior information can include pedal position, engine speed, and steering angle, among other things.
There’s also “on-board data,” which is information that is generated by your car but “generally” not sent to Honda. This is information that’s stored in your car and could be accessed by someone plugging in external data extraction tools, such as a technician. Honda’s documentation says this could include information about how your car is used, driver behavior information, or contacts and messages sent using the systems.
Privacy4Cars results say it is unclear how Honda uses biometric data, which is information about your body. Honda’s Martin says no Acura or Honda models in the US have systems that transfer biometrics to the company. The airbag system within the car may collect weight and body position information, Martin says, but this is stored on the onboard computer and is only accessible by a physical connection, with state and federal laws outlining who can access it.
Honda’s connected product privacy notice says it is possible to opt out of many forms of data collection, pointing to its apps and owners manuals.
Ford (F150)
Only one Ford model, the F150 truck, appears in recent lists of best-sellers, but it’s often the most popular across all categories. Like most manufacturers, Ford collects information about who owns the vehicle, including names, location details, and driving license data. Privacy4Cars analyzed four Ford documents, which run to around 50,000 words, when looking at the data the company can collect.
Alan Hall, director of technology communications at Ford, says its Connected Vehicle Privacy Notice provides people with the most information about what its cars collect. This includes vehicle data, such as tire pressure, information about how parts are performing, and vehicle charging information if a vehicle is electric.
The company also can collect driving data and characteristics, such as your speed, how you push the pedals, and seat-belt-related data. Information about your travel direction, precise location, speed, and local weather can be gathered from the vehicle.
Voice recognition systems in some of its vehicles can gather information when they are listening. Its “media analytics” involves capturing information about what you listen to in your car, including “radio presets, volume, channels, media sources, title, artist, and genre.”
The section of Ford’s privacy policy that is specific to California, which has stricter data laws than across the US, also provides extra data about what can be collected. “We utilize connected vehicle data to improve quality, minimize environmental impact, and make our vehicles safer and more enjoyable to drive and own,” Hall says.
Chevrolet (Silverado)
Chevrolet, which is owned by General Motors, collects both information about you and what you do with your vehicle, as all manufacturers we analyzed do. A company spokesperson says its privacy statement is the fullest documentation of what the company collects. This document also links to its specific privacy document for connected services, including its cars. We ran the Chevrolet Silverado through the privacy tool.
As a starter, GM collects people’s identifiers, such as names, postal addresses, and email addresses. Chevrolet’s documents say it can collect information about your vehicle, such as its battery, ignition, and window data, gear status, and diagnostic information. It can also collect, among other things, your location, route history, your speed, and “braking and swerving/cornering events.”