Ford exec says it doesn't collect or share car location data

Automaker contends it only uses data for customer requests and to troubleshoot problems

A Ford executive told U.S. Sen. Al Franken (D-Minn.) that the automaker does not collect or share location data from cars without the operator's explicit permission.

Franken had asked Ford CEO Alan Mullaly for the information after Ford marketing chief Jim Farley told reporters at the Consumer Electronics Show last month that the company has a pretty good idea of a person's driving habits based on data compiled from the navigation system data in their Ford vehicle.

In a letter, Franken asked Mulalley to spell out precisely what data Ford collects via in-vehicle GPS systems and how the company obtains driver consent to collect and share that data. Franken also asked who the information is shared with, how long it's stored and what security measures are used to protect it.

In a letter released by Franken this week, Ford's vice president of government relations Curt Magleby maintained the automaker only collects and uses location information from vehicles to support specific customer requests for service and to troubleshoot problems.

Ford's SYNC is a voice-activated system that provides wireless turn-by-turn navigation, traffic updates and other applications. SYNC is available for the auto maker's 2013 and 2014 models. (Photo: Ford Motor Co.)

He contended that Ford has strong accountability for the handling of any personally identifiable information of car owners, and that it employs strong physical, technological and administrative controls to protect the data.

Additionally, the company allows customers to delete any stored location data by calling the company, he said.

Magleby said that the embedded navigation systems in all Ford 2013 and 2014 model year vehicles store latitude, longitude, and timestamp data in a temporary buffer onboard the vehicle. The location data is typically stored for two to three weeks but is never transmitted off vehicle to Ford or any third-party Magleby said.

Ford's voice-activated SYNC system, which controls audio, climate, navigation and other features, can be paired via Bluetooth to a driver's mobile device, he said. Thus Ford can deliver a variety of other SYNC services, such as turn-by-turn navigation, traffic updates and business searches. A customer can also upload vehicle diagnostic information to Ford via SYNC, when it is paired with a customer's mobile device.

Some of the wirelessly connected applications involve off-vehicle transmission of location data, travel direction, saved charge locations (in the case of electric vehicles) and other information, to Ford and third-party service providers.

In all cases, the applications require specific consent from the vehicle operator via in-vehicle prompts, website user agreements or mobile app agreements, before they collect and transmit data from a vehicle. Ford and third-party service providers do not hold on to any personally identifiable location data collected via these services for more than 90 days, Magleby said.

The only time Ford shares location data with government or with law enforcement is in the event of an accident or in response to a court order.

In a statement, Franken said he was glad that Ford had responded to his question but said that companies need to provide more to information about location data collection practices to consumers.

"This is sensitive information -- and notices to consumers about this sensitive data shouldn't get lost in fine print," Franken said.

The Senator said he will soon reintroduce a location privacy bill he filed last year.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is jvijayan@computerworld.com.

Read more about mobile/wireless in Computerworld's Mobile/Wireless Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Ford Motor Co.Mobile/WirelessNetworkingsecuritywirelessmobileprivacy

More about Consumer ElectronicsFord MotorTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place