Mach-E Forum | Ford Mustang Mach-E Forum and News banner

1 - 11 of 11 Posts

·
Registered
Joined
·
15 Posts
Discussion Starter · #1 ·
I was installing the FordPass app on my phone, which requires an acceptance of terms, when some things in the privacy policy caught my eye.
The policy (which can be found here) permits Ford to collect and use at its discretion alarming amounts of personal information, including location, driving characteristics, information off your phone (including when not in the car), and even your photo. Moreover, the policy allows Ford to sell or share this information with pretty much whomever it likes, for example:
  • We may provide personal information to external companies under contract with us to enable delivery of the services and where they are subject to confidentiality and security obligations.
Just because we want to use some fancy app features with our car doesn't mean we should give up our privacy. And the liberal data sharing policy with other parties means that the likelihood of abusing, leaking, or hacking your data is even higher than with just Ford.

These policies should give you pause even if you don't think there's anything sensitive about your personal information and location. There are many innocent-enough situations where you may want to keep all this data private or control who sees it. For example:

  • You unintentionally rolled through that stop sign and nobody saw, so no harm done. But subsequently, your insurance premiums keep rising above market rates with no explanation. (I know some insurers let you opt-in to data sharing precisely so you can demonstrate how low-risk you are, but this policy potentially allows Ford to share this data with your insurer without an opt-in).
  • You drove to buy a surprise anniversary gift using Sync's navigation system (or even your phone's) and suddenly you have to explain to your spouse why your news feed is populated with unusual ads. (Of course, some destinations are even more sensitive.)
  • Going camping for the weekend? good for you! Too bad this information was obtained by your local burglary ring.

Data privacy and hacking risk are not a new topic, but there are different standards. For example, a company that processes credit card transactions above a certain volume must meet certain stringent physical and digital precautions. With FordPass' privacy policy, the security measures are unknown, and even how Ford uses it (beyond "provide you with great functionality and services"). Even worse, you have no control or knowledge who else gets to buy this data and how they use or protect it.

California residents have the option to limit the selling of this information. Does anyone know if there's a recourse for non-CA residents to limit information collection and sharing, beyond the phone number provided in the policy? Is there a way to communicate to Ford how egregious their policy sounds?
 

·
Super Moderator
Joined
·
2,707 Posts
I don’t think Ford is selling your data, like Google or Facebook does.
Certain connected features and services require the sharing of certain data in order to work properly. And those features and services more often than not involve third parties.
Just quickly going over a few press releases, here are a list of a few of these companies:
AT&T
Tom-tom
Garmin
Here
MobilEye (Intel)
INRIX
(Definitely others in this mix to supply the connected services)

The biggest share of data is because FordPass is a portal to all the other charge networks. So depending on where you stop, data is exchanged with Electrify America, ChargePoint, EVGo, etc, in order to simplify the use and billing.

You always have to be careful when dealing with businesses online. But there is a level of trust you have to extend that companies are acting in good faith.

UpGuard gives Ford a ‘B’ rating (good). A majority of auto companies fall in this range. Financial sectors usually have an ‘A’ rating. These are based on best practices and historical information. UpGuard is a good place to start if you wish to gain a level of comfort with a company you will do business with.

Nothing is hack-proof. All we can ask for is that a company does all that it can to stay ahead of things.
 

·
Registered
Joined
·
15 Posts
Discussion Starter · #3 ·
It makes perfect sense that Ford would share information with partners that enable certain features in the car, like navigation and charging. But the privacy policy is not limited to this sharing. It is very broad, leaving the door to any kind of sharing. Data is a very valuable commodity, and even if Ford isn't doing much with it today, who's to say that a cash-strapped Ford tomorrow won't expand its sharing.
The fact that Ford explicitly states in the policy that it may start selling personalized ads is a tip-off:

"WE MAY send communications about products, services, offers, promotions, news, and more that are customized based on your personal information, including your location, speed, and driving characteristics."
 

·
Super Moderator
Joined
·
2,707 Posts
It makes perfect sense that Ford would share information with partners that enable certain features in the car, like navigation and charging. But the privacy policy is not limited to this sharing. It is very broad, leaving the door to any kind of sharing. Data is a very valuable commodity, and even if Ford isn't doing much with it today, who's to say that a cash-strapped Ford tomorrow won't expand its sharing.
The fact that Ford explicitly states in the policy that it may start selling personalized ads is a tip-off:

"WE MAY send communications about products, services, offers, promotions, news, and more that are customized based on your personal information, including your location, speed, and driving characteristics."
Ford is offering auto insurace that gets discounts with good driving habits.

They have that ‘suggestions’ feature in the interface. Which recommends nearby POI.

I hope many of these features are opt-in, not the other way around.

PS - Welcome to the Club!
 

·
Premium Member
Joined
·
197 Posts
I was installing the FordPass app on my phone, which requires an acceptance of terms, when some things in the privacy policy caught my eye.
The policy (which can be found here) permits Ford to collect and use at its discretion alarming amounts of personal information, including location, driving characteristics, information off your phone (including when not in the car), and even your photo. Moreover, the policy allows Ford to sell or share this information with pretty much whomever it likes, for example:
  • We may provide personal information to external companies under contract with us to enable delivery of the services and where they are subject to confidentiality and security obligations.
Just because we want to use some fancy app features with our car doesn't mean we should give up our privacy. And the liberal data sharing policy with other parties means that the likelihood of abusing, leaking, or hacking your data is even higher than with just Ford.

These policies should give you pause even if you don't think there's anything sensitive about your personal information and location. There are many innocent-enough situations where you may want to keep all this data private or control who sees it. For example:

  • You unintentionally rolled through that stop sign and nobody saw, so no harm done. But subsequently, your insurance premiums keep rising above market rates with no explanation. (I know some insurers let you opt-in to data sharing precisely so you can demonstrate how low-risk you are, but this policy potentially allows Ford to share this data with your insurer without an opt-in).
  • You drove to buy a surprise anniversary gift using Sync's navigation system (or even your phone's) and suddenly you have to explain to your spouse why your news feed is populated with unusual ads. (Of course, some destinations are even more sensitive.)
  • Going camping for the weekend? good for you! Too bad this information was obtained by your local burglary ring.

Data privacy and hacking risk are not a new topic, but there are different standards. For example, a company that processes credit card transactions above a certain volume must meet certain stringent physical and digital precautions. With FordPass' privacy policy, the security measures are unknown, and even how Ford uses it (beyond "provide you with great functionality and services"). Even worse, you have no control or knowledge who else gets to buy this data and how they use or protect it.

California residents have the option to limit the selling of this information. Does anyone know if there's a recourse for non-CA residents to limit information collection and sharing, beyond the phone number provided in the policy? Is there a way to communicate to Ford how egregious their policy sounds?
I read the policy and decided not to install the FordPass app. I agree with many of your points. Current privacy law in the US needs attention...
 

·
Super Moderator
Joined
·
2,707 Posts
I read the policy and decided not to install the FordPass app. I agree with many of your points. Current privacy law in the US needs attention...
Just FYI.
You need the app to use the phone as a key, i don’t think it supports apple PaaK yet.
 

·
Registered
Joined
·
15 Posts
I was installing the FordPass app on my phone, which requires an acceptance of terms, when some things in the privacy policy caught my eye.
The policy (which can be found here) permits Ford to collect and use at its discretion alarming amounts of personal information, including location, driving characteristics, information off your phone (including when not in the car), and even your photo. Moreover, the policy allows Ford to sell or share this information with pretty much whomever it likes, for example:
  • We may provide personal information to external companies under contract with us to enable delivery of the services and where they are subject to confidentiality and security obligations.
Just because we want to use some fancy app features with our car doesn't mean we should give up our privacy. And the liberal data sharing policy with other parties means that the likelihood of abusing, leaking, or hacking your data is even higher than with just Ford.

These policies should give you pause even if you don't think there's anything sensitive about your personal information and location. There are many innocent-enough situations where you may want to keep all this data private or control who sees it. For example:

  • You unintentionally rolled through that stop sign and nobody saw, so no harm done. But subsequently, your insurance premiums keep rising above market rates with no explanation. (I know some insurers let you opt-in to data sharing precisely so you can demonstrate how low-risk you are, but this policy potentially allows Ford to share this data with your insurer without an opt-in).
  • You drove to buy a surprise anniversary gift using Sync's navigation system (or even your phone's) and suddenly you have to explain to your spouse why your news feed is populated with unusual ads. (Of course, some destinations are even more sensitive.)
  • Going camping for the weekend? good for you! Too bad this information was obtained by your local burglary ring.

Data privacy and hacking risk are not a new topic, but there are different standards. For example, a company that processes credit card transactions above a certain volume must meet certain stringent physical and digital precautions. With FordPass' privacy policy, the security measures are unknown, and even how Ford uses it (beyond "provide you with great functionality and services"). Even worse, you have no control or knowledge who else gets to buy this data and how they use or protect it.

California residents have the option to limit the selling of this information. Does anyone know if there's a recourse for non-CA residents to limit information collection and sharing, beyond the phone number provided in the policy? Is there a way to communicate to Ford how egregious their policy sounds?
When I downloaded the app, I thought I selected the “option” associated with only sharing “necessary” information (eg, for the app to work) vs all information. I derive solace from the fact that I can delete at any time.
 

·
Registered
Joined
·
15 Posts
Discussion Starter · #11 ·
This link below is more descriptive on what Ford needs the various PII for. It’s a long read, but is very informative.

Thank you for sharing this link, which is informative indeed. To my reading, this policy is even more expansive than the app's, and reinforces some of my concerns. For example, it states specifically that Ford works with social media platforms to customize ad targeting (as per my second example above).
 
1 - 11 of 11 Posts
Top