In September 2023, the Mozilla Foundation’s Privacy Not Included blog published its findings on the privacy practices of all the major car companies, and it wasn’t pretty. “It’s official: Cars Are the Worst Group We’ve Ever Seen for Privacy,” read the headline on the blog’s website, and the details only add to the concern, with 25 “found” versions of Mozilla’s “*Privacy Not Included” warning sign.
How well did Honda do, specifically? According to Mozilla, Honda states that you opt-in to its data collection systems when you buy or lease a car with an in-dash infotainment system and use its connected services. Perhaps most surprisingly, Honda’s policy states that it can determine how smart you are or not. It also specifies “Purposes derived from Personal Information or data related to your preferences, interests, characteristics, attitudes, habits, behaviors, attitudes, intelligence, skills, and abilities.”
Honda includes the usual warning about selling your data and states that it may use your data “[f]or any other purpose for which we receive your consent; and as permitted by law,” which doesn’t make sense. It doesn’t help that Honda has seen several security issues, while security researchers are frustrated because Honda has no way or department to report these security flaws to them. They can be resolved quickly and safely.