Report: The Government Is Already Using Connected Cars to Spy on You
A recent report from The Intercept has confirmed some of our biggest fears about connected vehicles. Apparently, U.S. Customs And Border Protection (CBP) has struck a deal with Swedish mobile forensics and data extraction firm MSAB for hardware that allows the government to not only siphon up vehicle data but also use it as a backdoor to access the information on your phone.
While this shouldn’t be all that surprising in an America that’s seen the Patriot Act pave the way for all sorts of government spying, the arrangement represents another item in a toolbox that’s frequently used against regular citizens. CBP is alleged to have spent $456,073 on a series of vehicle forensic kits manufactured inside the United States by Berla. Internal documents suggest that the system was unique and of great interest to the U.S. government, with a multitude of potential applications pertaining to automotive data. But what surprised us was just how much information carmakers thought their products needed to keep tabs on and how that plays into this.
From The Intercept:
According to statements by Berla’s own founder, part of the draw of vacuuming data out of cars is that so many drivers are oblivious to the fact that their cars are generating so much data in the first place, often including extremely sensitive information inadvertently synced from smartphones.
Indeed, MSAB marketing materials promise cops access to a vast array of sensitive personal information quietly stored in the infotainment consoles and various other computers used by modern vehicles — a tapestry of personal details akin to what CBP might get when cracking into one’s personal phone. MSAB claims that this data can include “Recent destinations, favorite locations, call logs, contact lists, SMS messages, emails, pictures, videos, social media feeds, and the navigation history of everywhere the vehicle has been.” MSAB even touts the ability to retrieve deleted data, divine “future plan[s],” and “Identify known associates and establish communication patterns between them.”
As if that’s not enough, the system is also said to be capable of pulling really detailed items, like when and where you turned on your headlamps or opened/closed a door. There are also data logs for vehicle speed, gear selection, steering inputs, ignition cycles, and more — all linked to your positional data and the time. Manufacturers have been cagey about just how much information modern vehicles take in and share but the answer appears to be “literally as much as we can engineer into them.”
And now it’s available to anyone who can afford one of these kits, including government agencies, despite being an absolutely massive volition of the Fourth Amendment to the United States Constitution.
MSAB’s contract with CBP was active from June of last year until the end of February and reportedly worked Customs And Border Protection’s Laboratories and Scientific Services on training. The Swedish firm stated that it has no customer policy or governance on how its products/services are used. Considering that MSAB was previously helping teach people how to crack smartphones, that’s hardly a surprise.
The company has only recently branched out into automotive espionage and previously found itself extremely popular with law enforcement agencies around the world that wanted easy access to the private data contained within mobile devices. But with the automobile gradually metamorphizing into a motorized computer that beams data back to the manufacturer, the new businesses was shaping up to be a lot like the old one — only with fewer privacy protections in place, brand new data points to swipe, and a backdoor into networked devices (e.g. phones, tablets).
“The scale at which CBP can leverage a contract like this one is staggering,” explained Mohammad Tajsar, an attorney with the American Civil Liberties Union of Southern California.”
The Intercept report goes on to reference an NBC article that gives numerous examples of police and government agencies leveraging vehicle data for investigations, often without warrants. That piece also quoted Berla founder Ben LeMere as he outlined the insidiousness of how the data is harvested in the first place on The Forensic Lunch podcast.
“People rent cars and go do things with them and don’t even think about the places they are going and what the car records,” he explained. Your phone died, you’re gonna get in the car, plug it in, and there’s going to be this nice convenient USB port for you. “When you plug it into this USB port, it’s going to charge your phone, absolutely. And as soon as it powers up, it’s going to start sucking all your data down into the car.”
“What they’re really saying is ‘We can exploit people because they’re dumb … We can leverage consumers’ lack of understanding in order to exploit them in ways that they might object to if it was done in the analog world,'” suggested Mr. Tajsar.
Automakers are complicit in this because there’s absolutely no way they were unaware of the type of information that’s being gathered. While many will urge them to deploy better security measures, your author has been averse to data harvesting since day one. It’s predatory and leads to egregious privacy violations like the one you’re reading about now. We’ve covered quite a bit on the topic ourselves, but those interested in learning more will also find a wealth of information in The Intercept’s full report.
[Image: Virrage Images/Shutterstock]
Join the conversation
Latest Car ReviewsRead more
Latest Product ReviewsRead more
- Alan I don't know how well Mustangs are selling in the US, but here in Australia since its release a while back Mustang sales have taken a nose dive. Maybe those who wanted a Mustang have bought, or Ford needs a new Mustang model, maybe both.
- Alan GM is still dying. The US auto manufacturing sector overall needs to restructure. It is heavily reliant on large protected vehicles with far more protection than the EU has on its vehicles (25% import tariff).Globally GM has lost out in the EU, UK, Australia, etc. GM has shut down in Australia because it is uncompetitive in a global market. Ford still exists in Australia but is reliant on a Thai manufactured pickup, the Ranger which is Australia's second largest selling vehicle.The US needs to look at producing global products, not 'murica only products. Asians and Europeans can do it. America is not unique.
- Duane Baldinger Ya my cupcake Mailman will love it!
- Duane Baldinger Where can I send the cash? It's a surprise BDAY present for my cupcake Mailman. D Duane
- Art Vandelay Pour one out for the Motors Liquidation Corporation
You trade away your privacy every time you use a a rewards card or a credit card that uses a rewards program. For a discount or a reward you trade information about yourself and your buying habits. If you really are concerned about being tracked then don't use a credit card and live off of the grid--better yet become Amish. Not saying this doesn't matter or not to be concerned but in today's World it is next to impossible not to be monitored or to have information that is shared with others about yourself.
OK, we have no privacy. Whatever but why should gov, police, etc, get to enjoy secrecy that denies the rest of access to their crimes, rights violations, corruption, etc. That's what this is all about. It was an huge oops moment when the CBP realized they're exposed just like anyone else.