Your Car Knows a Lot About You, and the Police Are Listening
by Michael Thompson
For years now, cars have allowed us to synch our devices with their onboard computers, giving us hands-free and Wi-Fi access along with a wealth of infotainment options. A user could be forgiven for believing the data is transient, i.e., temporarily stored during use and erased when the car is shut off. But that is not what happens. The car’s software becomes a repository for drivers’ and passengers’ data.
One recent hack allowed anyone with access to the Vehicle Identification Number to gain entry to Hondas and Nissans. It was possible to acquire its location, unlock the doors, start the car, and download troves of data. The hack, which passed through SiriusXM’s informatics, has been patched, and Honda claims not to have seen any indication of malicious exploits of the hack. Nevertheless, it is a weakness in how our vehicles interact with the internet and suck up data as we use them.
The potential for a data motherlode has not escaped the notice of investigators eager to surveil your most intimate spaces. Your vehicle is capable of producing tons of evidence, in many cases more than is available on your smartphone and less secure. Modern automobiles track where you went, how long you were there, and your driving habits. That allows insurance investigators to know whether you actually did press the horn and apply the brakes prior to an accident.
It goes further. A 2019, a Dodge Charger was searched near the Mexico border recently. The patrol agent writing about the search said the infotainment systems were especially useful. He was able to slurp email addresses, IP addresses, and phone numbers as well. All of it “used to facilitate the transportation or movement of noncitizens, without legal status into and throughout the United States.” It could even be used to extrapolate “the account user’s state of mind, including knowledge, motive and voluntariness.”
A Bureaus of Alcohol, Tobacco, and Firearms investigator parroted that claim in a warrant filed to investigate a 2022 Ford F-150. He added that the phone need not have been connected to the vehicle to collect the data that could include passwords. “There are over 10,000 supported vehicles” that could be raided thanks to digital technologies, he wrote. For that reason, agencies are spending vast sums on the tools that may even bypass Fourth Amendment safeguards. Maryland-based Berla’s iVe tool has seen sales of $380,000 to Customs and Border Patrol, $500,000 to Immigration and Customs Enforcement, and even more for training.
Privacy groups are rightfully concerned. The Surveillance Technology Oversight Project (“S.T.O.P.”) pointed out cars receive fewer protections, legal and technological, while storing more personal data than even our phones. S.T.O.P. research director told Forbes that CBP and ICE were “weaponizing our data.” She added, “While we don’t know how many cars CBP and ICE have hacked, we do know that every new car is vulnerable.”
Sources: TechDirt.com, Law Enforcement is Extracting Tons of Data From Vehicle Infotainment Systems, Forbes, Cops Cash Extract Data From 10,000 Different Cast Models’ Infotainment Systems
As a digital subscriber to Criminal Legal News, you can access full text and downloads for this and other premium content.
Already a subscriber? Login