A U.S. senator Tuesday pressed Ford for information on its in-car data collection practices, citing recent boasts by an executive at the auto maker that it can monitor drivers via integrated navigation system.
Sen. Al Franken (D-Minn.) asked Ford CEO Alan Mullaly to spell out precisely what data the company collects via in-vehicle GPS systems and how the company obtains driver consent to collect that data. In a letter to the Ford chief, Franken also asked for information on who the data is shared with, how long it's stored and what security measures are used to protect it.
The letter was written after Ford marketing chief Jim Farley told Business Insider at the Consumer Electronics Show (CES) in Las Vegas last week that Ford has a pretty good idea of a person's driving habits from the navigation system data in their Ford vehicle.
"We know everyone who breaks the law. We know when you're doing it," Farley told Business Insider. "We have GPS in your car, so we know what you're doing. By the way, we don't supply that data to anyone."
The company later downplayed those remarks and insisted that it doesn't track customers or transmit data from the vehicle without the driver's permission.
A Ford spokesman later told Business Insider that the GPS systems in its cars do not routinely ping the vehicle's whereabouts to the company. Farley also claimed he had left "absolutely the wrong impression" about how Ford operates.
Franken's letter to Mullaly cited Farley's remarks.
He noted that while Ford had retracted its claims about tracking drivers via their GPS systems, the company has made contradictory claims about its information sharing practices. Franken said he is seeking clarification from Ford executives.
Franken's letter also referenced a recent Government Accountability Office report on how car companies secure location data collected from in-car navigation systems.
The report is based on a GAO survey of the country's largest auto makers, including Ford. It noted that all auto makers surveyed disclosed to customers that they collected and shared de-identified location data. However, in almost all cases the reasons given for collecting the data were vaguely worded or not exhaustive.
Each of the companies surveyed said they obtained consumer consent for collecting the data and offered limited controls over how much data was collected. However, companies that retained the data offered consumers no options to delete that data at a later date or to prevent it from being used and shared in future.
"I believe this is too little transparency," Franken said in his letter. "American drivers deserve better -- and Mr. Farley's statements underscore this problem."
Franken's letter is another sign of the increased attention that lawmakers are paying to privacy and security threats posed by wireless enabled devices and systems in automobiles.
In December, Sen. Edward Markey (D-Mass.), sent a series of detailed technical questions about the vulnerability of modern vehicles to wireless security and privacy threats to CEOs at 20 major auto makers around the world, including Ford, Toyota, Volvo, BMW, Chrysler, Mercedes and Nissan.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is email@example.com.