What Mario Bonfanti thought was simply an annoying emissions problem with his Range Rover Evoque has spiralled into a data protection issue that should concern every motorist who pairs their phone with their car. The 26-year-old energy advisor took delivery of his new Evoque in September 2018, but by February 2020 it had suffered four breakdowns related to its diesel particulate filter, a problem common to Land Rover models and recently highlighted by Autocar.
Frustrated by his car’s poor reliability, Bonfanti approached Rejectmycar.com, a firm that helps motorists in dispute with dealers and finance companies. According to Bonfanti, it was revealed during court proceedings that Park’s Land Rover Ayr, the dealership that sold him the Evoque, had downloaded all the electronic data stored in it. The aim of Park’s had been to examine the session file created at the time the vehicle broke down and which would establish how the Evoque was being driven. However, the global download it is alleged to have performed harvested data not only from the vehicle’s ECU but also from the memory in its multimedia system. As Bonfanti’s phone was directly synced, or shared, with the car, this data included his phone ID and serial numbers, his contacts and his messages.
Ian Ferguson of Rejectmycar.com claims Park’s Land Rover Ayr downloaded the Evoque’s data without his or his client’s permission, so breaking the terms of the Data Protection Act 2018. On the face of it, its actions may seem harmless: an innocent act by a garage trying to repair a car. Except that with up to 100 people working in a typical large dealership, collecting, processing and storing data is, says Ferguson, a job that must be performed responsibly and with respect for the law if customers’ privacy is to be safeguarded.
Examples where it hasn’t been include the Scottish Premiership footballer whose phone contacts were taken from his car’s memory and shared with others when the vehicle was at a dealer for routine servicing, and a lawyer who, while their car was also in a workshop, had their destination data harvested – data including the addresses of clients on witness protection programmes. Neither of these cases relates to Park’s Motor Group.
Join the debate
Add your comment
Moral of the story, dont buy a DPF equipped diesel if all you do is drive round town clogging it up, DPF problems are not purely a Landrover problem, and any journalist worth his or her salt knows that.
I personally think a bunch of these claims sound like law-firm conjecture rather than hard evidence. I don't know of any car that locally stores text messages. Typically the car just relays what the phone tells it to show. Most cars also sync contacts every time the phone connects to the car. There may be some way to manually request the contacts be stored in they car's infotainment system but I have no clue if this guy did that with his car or not.
I understand wanting to maintain your privacy, but things like this guy is complaining about just seem to be a bit over the top. He acts like they had installed a secret listening device or even a GPS tracker in his car. In reality it seems like a harmless case of the dealership trying whatever they could to fix a frequently broken down car. I would always assume data is going to be downloaded from my car if it's in the shop. Most owners manuals explicitly state that EDRs and other types of data can be pulled from the car. The guy is acting like his family had damaging information stolen from them. I just don't really see that. If I was a betting man I'd say it's in the hopes for getting some £!