The $800 Billion Secret Inside Your Car

Fight to Repair is a reader-supported publication. Sign up to receive updates in your inbox. (It’s free!) Or become a premium subscriber for access to exclusive content and live events!

This week, the California Privacy Protection Agency (CPPA) opened an investigation into how automakers utilize data collected from connected cars. Using the California Consumer Privacy Act of 2018, which grants Californians the right to know what data businesses are collecting, the agency aims to understand what data automakers and other companies are collecting from the tens of millions of drivers in the state.

The fight over vehicle data is essentially a question of ownership. Car companies want to capitalize on the data generated from sensor-rich modern vehicles, claiming rights to the data as part of complex software license agreements that car owners must agree to in order to operate the vehicles. Advocates for vehicle owners believe that the data should be accessible to vehicle owners and that owners should also be able to opt out of data collection and tracking. As these systems become increasingly integrated into vehicle diagnostics and repair, owners will find themselves increasingly locked out of repair unless these systems become more open.

An $800 billion secret

What isn’t in doubt is that data from vehicles makes companies a lot of money. Data collected from cars is projected to be worth up to $800 billion by 2030, according to a report by CapGemini.

Here’s how it works: Car manufacturers collect the data of drivers, package it up, and sell it to those who might want access it—from insurance firms to infotainment companies. Businesses buying this data use it to improve services like directions, music, and third-party apps designed to run inside vehicles or to inform actuarial models used by insurance firms.

Both car companies and buyers of data seem to be getting a lot of value out of tracking drivers’ habits. But at present it doesn’t seem like individual drivers are receiving the same benefits—especially since they don’t have access to data or agency over what gets collected. And few drivers are even aware of what data is being collected from them or how it is being used. According to the CapGemini report, 82% of survey respondents said they did not know what data their vehicle transmits.

By keeping consumers in the dark about their data and the workings of their cars, car companies can get away with things that are bad for their customers but good for quarterly earnings numbers.

Take Tesla, which was caught this week “rigg[ing] the dashboard readouts in its electric cars to provide “rosy” projections of how far owners can drive before needing to recharge.” In other cases, automakers use their exclusive control over telematics systems to make repairs more difficult or constrain the use of non-OEM parts, forcing owners to pay a premium. As we reported in November, Tesla is alleged to have configured its telematics software to disable a “trailer mode” designed to safely operate its Model Y sedans if the owners attach a non-Tesla brand hitch to their vehicle.

So who should own that data? It’s a question that extends well beyond automobiles. Farmers, for example, surrender detailed data about their equipment and farm operations to manufacturers like John Deere, whose equipment collects and transmits everything from machine settings, throughput, and sensor readings, to field task details, harvest and yield data, and historical information.

At a personal level: when you go to the gym wearing an Apple Watch or take your iPhone on your daily walk, you are being tracked. When you scroll, like, and post things on social media apps, you are generating value for companies that are using that information to keep you engaging with their services. Plus, they can build a profile about you based on your data and sell it to advertisers who will use it to market you products (often junk that ends up lining landfills.)

Armed with a toothy state data privacy and ownership law, California’s privacy regulator is now looking to peel back the covers on this mostly unexplored industry.

The fight over vehicle data ownership and access isn’t limited to California either. The proposed federal REPAIR Act would nationalize access to vehicle repair data, including telematics data, in keeping with a Massachusetts state law passed in 2013 and updated in 2020.

In the meantime, California’s investigation could bring to light objectionable practices by automakers while exposing the truth about the lucrative connected vehicle data industry and the high price consumers are paying through the surging costs of repairs.

Device Page

Xbox

The original Xbox is Microsoft's first widely popular video gaming system. It has an easily identifiable black case with 'XBOX' emblazoned on the top and front. Repair is easy with common tools.

View Device

More News

• Microsoft is now selling repair kits: Replacement parts are now available for Xbox controllers, including the Xbox Elite Series 2 and standard Xbox Wireless Controller, allowing gamers to fix broken parts themselves instead of relying on third-party sources.
• Farmers decry expensive repairs as lawmakers make the rounds: As U.S. Rep. Marie Gluesenkamp Perez (D-WA) toured Lewis County in her home state, she came face to face with the reality of modern farming. Meeting with Shane Styger at the family’s dairy farm, Glusenkamp—who campaigned on her support for the Right to Repair—said that Styger’s family’s farm was the first in Lewis County to use robotic milking machinery. The equipment has greatly reduced the farm’s reliance on human labor but not without a cost. “According to Linda Styger, they’re lemons,” according to a story in The Chronicle. In the last few years, they’ve spent an estimated $30,000 annually on repairs for the machinery. And, adding insult to injury, she was audited by the IRS for not paying taxes on the repairs as “farm upgrades.”
• The upcoming iPhone 15 Pro Max: This new phone is rumored to be easier to repair, will likely have a higher initial cost, but rumors are circulating that consumers could save money in the long run due to potential repairability and reduced need for frequent upgrades.
• Court dismisses lawsuit over coffee maker repair: Coffee machine maker De Longhi America Inc. successfully had a lawsuit over repair restrictions in warranties dismissed by a federal court. De Longhi America Inc. won the dismissal of a lawsuit concerning repair restrictions in warranties for its products. The customer who filed the suit didn’t demonstrate any concrete injury as he never sent his malfunctioning coffee maker for repairs or violated the warranty terms. Judge Katherine Polk Failla from the US District Court for the Southern District of New York ruled that a statutory cause of action isn’t sufficient for claiming damages.
• Unpatchable AMD chip flaw unlocks paid Tesla feature: Researchers from TU Berlin found an unpatchable flaw in Tesla’s MCU-Z, allowing them to unlock paid features and access private user data. The researchers used a voltage fault injection attack on Tesla’s MCU-Z, exploiting a known flaw in AMD’s processor. The exploit provides access to Tesla subsystems and can unlock software-locked features that are usually paid upgrades such as the Enhanced Autopilot and Full Self-Driving. The flaw is “unpatchable,” and Tesla has no known mitigation solutions.