{"id":55680,"date":"2026-04-29T11:27:03","date_gmt":"2026-04-29T15:27:03","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=55680"},"modified":"2026-05-19T07:37:55","modified_gmt":"2026-05-19T11:37:55","slug":"the-car-that-spied-on-you-carint","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/the-car-that-spied-on-you-carint\/55680\/","title":{"rendered":"Is your car spying on you?"},"content":{"rendered":"<p>It\u2019s best to think of the modern car as a computer on wheels \u2014 one that constantly offloads diagnostic data to the manufacturer or dealer\u2019s servers. On board, you\u2019ll find dozens of sensors: everything from GPS, speedometers, and hands-free microphones, to external cameras and the less obvious (but highly active) sensors for pedal pressure, tire pressure, engine temperature, and more. Even if this data isn\u2019t beamed to the manufacturer in real-time, it\u2019s logged in the car\u2019s internal memory, and can reveal a wealth of information about a driver\u2019s trips, habits, and surroundings. We\u2019ve already taken a deep dive into how <a href=\"https:\/\/www.kaspersky.com\/blog\/spies-on-wheels-how-carmakers-sell-your-intimate-data\/49341\/\" target=\"_blank\" rel=\"noopener nofollow\">automakers collect data for commercial use<\/a>, and <a href=\"https:\/\/www.kaspersky.com\/blog\/car-manufacturers-silently-sell-user-telematics-data\/51245\/\" target=\"_blank\" rel=\"noopener nofollow\">who they sell it to<\/a> (spoiler alert: insurance companies are the biggest buyers of telemetry), but today we\u2019re looking at how law enforcement and intelligence agencies tap into this goldmine.<\/p>\n<h2>Digital evidence<\/h2>\n<p>Police departments across the globe have recognized the immense value of data stored within vehicles. If a car or its owner is potentially linked to a crime, investigators do more than just check for prints or DNA. Car Intelligence (CARINT) technology allows them to essentially scour all onboard computers, extracting data such as:<\/p>\n<ul>\n<li>GPS-based trip history<\/li>\n<li>Call logs, media player activity, and voice commands<\/li>\n<li>Lists of paired devices and synced contact lists<\/li>\n<li>Driving statistics: mileage, engine performance modes, and other technical parameters<\/li>\n<\/ul>\n<p>There are numerous precedents where this data has served as evidence and dismantled alibis. In one U.S. criminal case, <a href=\"https:\/\/www.nbcnews.com\/tech\/tech-news\/snitches-wheels-police-turn-car-data-destroy-suspects-alibis-n1251939\" target=\"_blank\" rel=\"noopener nofollow\">a recorded voice command became a smoking gun<\/a>, proving the suspect was behind the wheel of a stolen vehicle.<\/p>\n<p>With the rise of connected cars equipped with their own SIM cards and direct links to the manufacturer, law enforcement no longer needs physical access to the vehicle. Key data, such as GPS location history, can be pulled directly from the manufacturer\u2019s servers. Furthermore, a <a href=\"https:\/\/www.carscoops.com\/2024\/05\/senators-accuse-bmw-toyota-and-seven-other-brands-of-giving-up-consumer-location-data-without-a-warrant\/\" target=\"_blank\" rel=\"noopener nofollow\">U.S. Senate investigation revealed<\/a> that nine out of 14 surveyed automakers were providing this data without a warrant.<\/p>\n<p>Major suppliers of car intelligence software, such as Ateros, Berla, TA9\/Rayzone, and Toka, sell their solutions exclusively to government and law enforcement agencies, which is why they\u2019ve remained largely out of the public eye.<\/p>\n<h2>Comprehensive surveillance<\/h2>\n<p>To track persons of interest, data pulled from the vehicle itself is cross-referenced with information from other sources. According to <a href=\"https:\/\/www.haaretz.com\/israel-news\/security-aviation\/2026-02-16\/ty-article-magazine\/.premium\/your-car-is-spying-on-you-and-israeli-firms-are-leading-the-surveillance-race\/0000019c-6651-d2f0-a19c-7fdd81920000\" target=\"_blank\" rel=\"noopener nofollow\">media leaks<\/a>, flagship products in this category aggregate data from the car\u2019s SIM card, Bluetooth communication trails, street-level CCTV footage, and commercially available information from <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-remove-yourself-from-data-brokers-people-search-sites\/54209\/\" target=\"_blank\" rel=\"noopener nofollow\">data brokers<\/a>. This hybrid dataset simplifies the comprehensive mapping of a target\u2019s movements and contacts. Journalists have discovered that some companies even market the ability to activate a vehicle\u2019s microphones and cameras remotely and covertly, enabling real-time eavesdropping on conversations. However, experts note that due to the diversity of technical implementations across different systems, hacking the car itself remains a difficult task with no sure way of succeeding. Often, it\u2019s simpler to correlate other, more accessible datasets to achieve the same result.<\/p>\n<h2>Factory-installed spy tools<\/h2>\n<p>Features like covert activation of cameras, microphones, and other sensors may theoretically be part of a vehicle\u2019s stock functionality rather than the result of a hack. While we haven\u2019t found any public evidence of such cases, it\u2019s well known that Chinese-made vehicles are coming under increased scrutiny in several countries. For instance, they\u2019ve been <a href=\"https:\/\/www.haaretz.com\/israel-news\/security-aviation\/2026-02-16\/ty-article-magazine\/.premium\/your-car-is-spying-on-you-and-israeli-firms-are-leading-the-surveillance-race\/0000019c-6651-d2f0-a19c-7fdd81920000\" target=\"_blank\" rel=\"noopener nofollow\">banned from Israeli military sites<\/a> \u2014 with the exception of a single Chery model, provided its multimedia system is removed. Similar <a href=\"https:\/\/www.tagesschau.de\/investigativ\/ndr-wdr\/chinesische-hersteller-sicherheitsbehoerden-100.html\" target=\"_blank\" rel=\"noopener nofollow\">bans exist in the UK and Poland<\/a>; furthermore, UK Ministry of Defense employees are instructed not to connect their work phones to Chinese-made cars. In Germany, security analyses of Chinese vehicles were conducted by the specialized agencies BfV and ZITiS, but the findings remain classified.<\/p>\n<h2>Low-cost surveillance<\/h2>\n<p>Tracking a vehicle \u2014 or even thousands of them \u2014 doesn\u2019t necessarily require hacking onboard systems or tapping into vast networks of license plate readers. A recent <a href=\"https:\/\/dspace.networks.imdea.org\/bitstream\/handle\/20.500.12761\/2011\/Can%E2%80%99t%20Hide%20Your%20Stride_Inferring%20Car%20Movement.pdf?sequence=1\" target=\"_blank\" rel=\"noopener nofollow\">scientific study<\/a> demonstrated that innocent tire pressure monitoring systems (TPMS) provide enough data for effective tracking. Data from these sensors is transmitted via radio without any encryption and includes a unique ID that makes identifying a specific car easy. This allows for more than just confirming the vehicle\u2019s movement; it can even be used to estimate the driver\u2019s weight or determine if they are traveling alone. While this might not sound as impressive as remotely accessing a car\u2019s cameras, it requires very little financial investment and works even on relatively old vehicles without an internet connection.<\/p>\n<h2>What you can do about vehicle tracking<\/h2>\n<p>While tracking a person through their car is undoubtedly a privacy risk, striking a balance in mitigating this threat is difficult: many measures are complex, largely ineffective, and simultaneously reduce the utility, safety, and convenience of a modern vehicle. Consequently, any steps taken should be weighed against your personal risk profile.<\/p>\n<p>To reduce the risk of data leaks, check the privacy settings in the manufacturer\u2019s app, the car\u2019s infotainment system, and your connected smartphone. A connected car can transmit data about its operation to the cloud: information about trips, location, driving style, vehicle condition, and the operation of its components. Some of this data is necessary for navigation, diagnostics, and service, but not all permissions are required \u2014 check your settings and disable the transmission of data not related to the functions you need.<\/p>\n<p>Be careful with permissions for access to the microphone, camera, contacts, messages, and geolocation. Only connect your own devices to the car and don\u2019t save other people\u2019s phones or unfamiliar Bluetooth devices in the system. When syncing your smartphone, select only the features you need \u2014 such as calls, music, and navigation \u2014 rather than granting full access to all your phone\u2019s data.<\/p>\n<p>Do not use the services of technicians who offer to \u201cunlock\u201d your car, reflash electronic control units, or install unofficial software to expand features, increase power, or otherwise interfere with the car\u2019s operation. Such software has not been tested by the manufacturer: it may behave unpredictably, collect and transmit your data to malicious actors, disable security features, or affect critical vehicle systems \u2014 including steering, braking, or engine operation.<\/p>\n<p>And when choosing a new car, ask the dealer not only about the number of stars in NCAP safety tests, engine power, or fuel economy, but also about the cybersecurity technologies used in the vehicle. Solutions such as the <a href=\"https:\/\/os.kaspersky.com\/solutions\/kaspersky-automotive-secure-gateway\/\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Automotive Secure Gateway<\/a>, based on KasperskyOS, will provide the necessary protection for new cars against cyberthreats.<\/p>\n<blockquote><p>What other threats do connected cars hide? Read more in our posts:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/automotive-security-2025\/54562\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Highway to\u2026 hacked: cyberthreats to connected cars<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/perfektblue-bluetooth-car-hack\/54159\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Car hacking via Bluetooth<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/dashcam-hack-botnet-on-the-wheels\/54839\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Botnets on wheels: the mass hacking of dashcams<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/tracking-and-hacking-kia-cars-via-internet\/52497\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>How millions of Kia cars could be tracked<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/car-manufacturers-silently-sell-user-telematics-data\/51245\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>I know how you drove last summer<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/spies-on-wheels-how-carmakers-sell-your-intimate-data\/49341\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Spies on wheels: how carmakers collect and then resell information<\/strong><\/a><\/li>\n<\/ul>\n<\/blockquote>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-geek\">\n","protected":false},"excerpt":{"rendered":"<p>How law enforcement and intelligence agencies leverage data from connected vehicles, and what your car might be leaking about you.<\/p>\n","protected":false},"author":2722,"featured_media":55681,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683],"tags":[651,1027,527,43,268],"class_list":{"0":"post-55680","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-cars","9":"tag-connected-devices","10":"tag-hacks","11":"tag-privacy","12":"tag-vulnerabilities"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/the-car-that-spied-on-you-carint\/55680\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/the-car-that-spied-on-you-carint\/30464\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/the-car-that-spied-on-you-carint\/25510\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/the-car-that-spied-on-you-carint\/30308\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/the-car-that-spied-on-you-carint\/41782\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/the-car-that-spied-on-you-carint\/30615\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/the-car-that-spied-on-you-carint\/36195\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/the-car-that-spied-on-you-carint\/35846\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/cars\/","name":"Cars"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/55680","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2722"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=55680"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/55680\/revisions"}],"predecessor-version":[{"id":55783,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/55680\/revisions\/55783"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/55681"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=55680"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=55680"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=55680"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}