AUSTRALIA’S growing fleet of connected vehicles is attracting increasing scrutiny from cybersecurity experts and government agencies, with the nation’s domestic intelligence service warning that internet-linked cars may pose a significant security risk.
The Australian Security Intelligence Organisation (ASIO) has advised politicians and public servants against discussing classified or sensitive information while travelling in connected vehicles, citing concerns over the volume of data modern vehicles can collect and transmit.
Speaking before Senate Estimates last week, ASIO deputy director-general Lisa Alonso Love said government officials should remain mindful of the risks associated with connected vehicle technology.
“People should be conscious of the things that they are discussing in vehicles, knowing that people may be able to get that information,” she said.
The warning comes as connected vehicle adoption accelerates across Australia.
Industry estimates suggest around half of all vehicles on Australian roads were internet-connected in 2021, with that figure expected to rise to almost 95 per cent by 2035.
Cybersecurity researchers say modern vehicles have evolved far beyond traditional transportation devices.
University of Technology Sydney cybersecurity consultant Montii Abid said today’s vehicles are effectively mobile computers capable of collecting extensive amounts of personal information.
“The tech’ has moved away from being something simple to being a computer with a microphone, cameras, personal data, everything,” he said.
Connected vehicles can collect information ranging from location data and driving behaviour to contacts, call logs, smartphone metadata and, in some cases, audio and video recordings.
Consumer advocacy group CHOICE has previously found that most major vehicle brands operating in Australia collect driver data, with many sharing information with third parties.
Concerns have intensified amid the rapid growth of Chinese-built vehicles in Australia, particularly electric vehicles from brands such as BYD and MG.
However, cybersecurity experts note that privacy concerns are not confined to any one country or manufacturer.
Opposition special minister of state James McGrath has called for a review of taxpayer-funded parliamentary vehicle programs following ASIO’s comments.
“The Albanese government cannot pretend there is no national security issue here, when these vehicles are effectively rolling data centres,” he said.
Australia’s privacy watchdog, the Office of the Australian Information Commissioner (OAIC), confirmed earlier this year it was investigating two Asian-based vehicle manufacturers over potential privacy concerns relating to data collection practices.
The regulator said particular attention was being paid to the collection and handling of location data and whether manufacturers were gathering more personal information than was reasonably necessary for vehicle functionality.
Cybersecurity experts say consumers should familiarise themselves with the privacy settings available within their vehicles and review manufacturer privacy policies to better understand what information is being collected and how it is used.
While connected vehicle technology enables features such as remote access, over-the-air software updates and enhanced infotainment systems, industry observers say balancing convenience with privacy and security will remain a growing challenge as vehicle connectivity becomes increasingly commonplace.