It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy
Mozilla Foundation

Some not-so-fun facts about these rankings:

• Tesla is only the second product we have ever reviewed to receive all of our privacy “dings.” (The first was an AI chatbot we reviewed earlier this year.) What set them apart was earning the “untrustworthy AI” ding. The brand’s AI-powered autopilot was reportedly involved in 17 deaths and 736 crashes and is currently the subject of multiple government investigations.

• Nissan earned its second-to-last spot for collecting some of the creepiest categories of data we have ever seen. It’s worth reading the review in full, but you should know it includes your “sexual activity.” Not to be out done, Kia also mentions they can collect information about your “sex life” in their privacy policy. Oh, and six car companies say they can collect your “genetic information” or “genetic characteristics.” Yes, reading car privacy policies is a scary endeavor.

• None of the car brands use language that meets Mozilla’s privacy standard about sharing information with the government or law enforcement, but Hyundai goes above and beyond. In their privacy policy, it says they will comply with “lawful requests, whether formal or informal.” That’s a serious red flag.

• All of the car brands on this list except for Tesla, Renault, and Dacia signed on to a list of Consumer Protection Principles from the US automotive industry group ALLIANCE FOR AUTOMOTIVE INNOVATION, INC. The list includes great privacy-preserving principles such as “data minimization,” “transparency,” and “choice.” But the number of car brands that follow these principles? Zero. It’s interesting if only because it means the car companies do clearly know what they should be doing to respect your privacy even though they absolutely don’t do it.