by Jayson Hawkins
More people are becoming aware that personal data is the currency of the Information Age in which we are living. Many have grown accustomed to taking steps to protect privacy on their phones and other digital devices, yet few may know about emerging technologies that allow law enforcement agencies and other data thieves to siphon information from their vehicle.
According to The Intercept, U.S. Customs and Border Protection (“CBP”) contracted with a Swedish company, MSAB, for five “vehicle forensic kits” and other hardware designed to extract data from onboard computers in cars. MSAB said their device, known as an “iVe” can retrieve information such as “recent destinations, favorite locations, call logs, contact lists, SMS messages, emails, pictures, videos, social media feeds, and the navigation history of everywhere the vehicle has been.”
While much of this data may originate in the use of the vehicle itself, a huge portion can be taken from any and all smartphones that have been paired with the car’s infotainment system. Newer vehicles are often designed in tandem with phones, but people may not be aware that their car records their complete contact list when they are prompted by their vehicle to share it. Hardware marketed by data extraction companies like MSAB and Cellebrite can thus essentially gain access to everything in someone’s phone without their password.
The founder of Berla, the American manufacturer of the iVe system, explained how easily the transfer happens on The Forensic Lunch podcast in 2015: “Your phone died, you’re gonna get in the car, plug it in, and there’s going to be this nice convenient USB port, it’s going to charge your phone, absolutely. And as soon as it powers up, it’s going to start sucking all your data down into the car,” Ben Lemere said.
Lemere went on to describe the vast amount of data taken from a single rental car: “We had a Ford Explorer … we pulled the system out, and we recovered 70 phones that had been connected to it. All of their call logs, their contacts, and their SMS history, as well as their music preferences, songs that were on their device, and some of their Facebook and Twitter things as well … And it’s quite comical when you sit back and read some of their text messages.”
Such blatant violations of privacy are possible because, unlike with phones, the courts have yet to set a precedent that protects data stored by a vehicle like other personal information. Unless or until that happens, there is likely little to stop CBP or other law enforcement groups from obtaining everything they want to know about people straight from their cars.
As a digital subscriber to Criminal Legal News, you can access full text and downloads for this and other premium content.
Already a subscriber? Login