For Subaru the module I’m referring to is called the DCM, short for STARLINK Telematics Data Communication Module. My assumption is that it connects to the antennae in the sharkfin for cellular and GPS and phones home whatever data Subaru collects. I don’t know if the data collection is programmed into the DCM itself or elsewhere.
I think it’s important to note that with everything being proprietary to each manufacturer, I can only provide speculation with my assumptions for my car specifically. I can’t give any definitive information on whether or not what I’ve done is truly impactful or just privacy theater. My thoughts are based only on what I’ve looked up and observations I’ve made.
I mentioned this in past discussions but there are not a lot of options out there. Take a look at this Mozilla report for example
Even if these companies have good privacy policies, cars cannot be private because of license plate registration. It’s usually tied to your real identity and address anyways.
If we do make a vague-ish guide, we probably would recommend cars that support Car Play and Android Auto in my opinion. That would exclude cars made by GM because they are requiring their customers to buy an infotainment subscription. Graphene does support Android Auto thankfully.
Ideally, you could purchase an older model without an infotainment system and install your own. Since most units sold on the market are essentially chinese-made tablets, they are probably insecure. Alternatively, you can buy a cheap Pixel Tablet or Pixel phone and attach it to your car. That risks the device overheating though.
Maybe as a list of suggested cars, it might be out of scope. But I think it would still be useful to lay out the privacy-invasiveness for informational purposes.
Having a “car overview” (or maybe even a blog or something) which lays out knowledge like…
… is useful information for people to know. I think it would also tie neatly into the US homebuying process and how that’s invasive to privacy. Whether someone wants to act on these information or not would depend on their particular threat model, but it’s still useful information nonetheless without that particular threat model.
Although… Now that I think about it, maybe this too is out of scope. Privacy Guides is concerned with online and digital and data privacy, etc. I am thinking this would be better for a blog then, as opposed to an overview article.
I’m surprised someone hasn’t started a business where you can take your car and have it “unplugged” from sending or collecting info and yet have the car still function. Personally, I would pay top dollar for such a service.
Ideally, we would have our Staff Writer/journalist, or some other staff member, to test our recommendations out. That works great if we’re reviewing a Linux distro or a password manager. Less so because we can’t drive all the cars out there.
While we don’t need to physically review them and could analyze their privacy policy instead, other folks (such as those at Mozilla and the EFF) have already reviewed the current landscape of automobile privacy through their blogs.
Then again, there is a possible and interesting project of “finding” a random used car from the early 2010s, and seeing if it’s possible to: A) Obtain it somewhat anonymously besides what is legally required and B) Install a private infotainment system
In term of traveling and moving privately, the simpler and more basic options are often the best.
Note before the options are presented: beware of your phone. Enable Airplane Mode so your ISP can´t track you.
Walking might be one of the most private method of transport. If your country has facial recongition, cover your face. You can also put a rock in your shoe to counter gait tracking.
If you need to travel longer distance, it get more difficult.
A car isn´t that private nowadays, especially with radars, license plate readers for controlling entry (eg. in zero-emission zones, etc) and cars themselves. Prefer old cars with less technology. Don´t speed so radars will not flash you.
Bus and train can be fairly good options, provided you can pay in cash without providing a name.
I think you’re responding to me because you quoted me, but I don’t see the connection you’re making with what I said. I wasn’t talking about listing or testing any recommendations.
What I was talking about was specifically A, as in the buying process (which is why I alluded to the homebuying process in my reply). I’m less interested in the private infotainment system. What is, for example, the best general legal knowledge for obtaining a vehicle as private or anonymous as what is legally allowed? That’s what I was referring to.
This is why I said it might be too out of scope for Privacy Guides as a knowledge base overview article, because the knowledge base seems to be oriented more around online/digital world and this thing I’m proposing is embedded in the legal world. Additionally, another reason why it might be too out of scope is that the legal knowledge would most likely be highly specific to one’s state or even city, so “generalized” legal knowledge is likely not possible.
But I still wonder if there’s anyone here who’s legally knowledgeable and can give us the best general advice.
