{"id":35846,"date":"2026-04-29T17:27:11","date_gmt":"2026-04-29T15:27:11","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/?p=35846"},"modified":"2026-04-29T17:27:11","modified_gmt":"2026-04-29T15:27:11","slug":"the-car-that-spied-on-you-carint","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/the-car-that-spied-on-you-carint\/35846\/","title":{"rendered":"Is your car spying on you?"},"content":{"rendered":"<p>It\u2019s best to think of the modern car as a computer on wheels \u2014 one that constantly offloads diagnostic data to the manufacturer or dealer\u2019s servers. On board, you\u2019ll find dozens of sensors: everything from GPS, speedometers, and hands-free microphones, to external cameras and the less obvious (but highly active) sensors for pedal pressure, tire pressure, engine temperature, and more. Even if this data isn\u2019t beamed to the manufacturer in real-time, it\u2019s logged in the car\u2019s internal memory, and can reveal a wealth of information about a driver\u2019s trips, habits, and surroundings. We\u2019ve already taken a deep dive into how <a href=\"https:\/\/www.kaspersky.com\/blog\/spies-on-wheels-how-carmakers-sell-your-intimate-data\/49341\/\" target=\"_blank\" rel=\"noopener nofollow\">automakers collect data for commercial use<\/a>, and <a href=\"https:\/\/www.kaspersky.com\/blog\/car-manufacturers-silently-sell-user-telematics-data\/51245\/\" target=\"_blank\" rel=\"noopener nofollow\">who they sell it to<\/a> (spoiler alert: insurance companies are the biggest buyers of telemetry), but today we\u2019re looking at how law enforcement and intelligence agencies tap into this goldmine.<\/p>\n<h2>Digital evidence<\/h2>\n<p>Police departments across the globe have recognized the immense value of data stored within vehicles. If a car or its owner is potentially linked to a crime, investigators do more than just check for prints or DNA. Car Intelligence (CARINT) technology allows them to essentially scour all onboard computers, extracting data such as:<\/p>\n<ul>\n<li>GPS-based trip history<\/li>\n<li>Call logs, media player activity, and voice commands<\/li>\n<li>Lists of paired devices and synced contact lists<\/li>\n<li>Driving statistics: mileage, engine performance modes, and other technical parameters<\/li>\n<\/ul>\n<p>There are numerous precedents where this data has served as evidence and dismantled alibis. In one U.S. criminal case, <a href=\"https:\/\/www.nbcnews.com\/tech\/tech-news\/snitches-wheels-police-turn-car-data-destroy-suspects-alibis-n1251939\" target=\"_blank\" rel=\"noopener nofollow\">a recorded voice command became a smoking gun<\/a>, proving the suspect was behind the wheel of a stolen vehicle.<\/p>\n<p>With the rise of connected cars equipped with their own SIM cards and direct links to the manufacturer, law enforcement no longer needs physical access to the vehicle. Key data, such as GPS location history, can be pulled directly from the manufacturer\u2019s servers. Furthermore, a <a href=\"https:\/\/www.carscoops.com\/2024\/05\/senators-accuse-bmw-toyota-and-seven-other-brands-of-giving-up-consumer-location-data-without-a-warrant\/\" target=\"_blank\" rel=\"noopener nofollow\">U.S. Senate investigation revealed<\/a> that nine out of 14 surveyed automakers were providing this data without a warrant.<\/p>\n<p>Major suppliers of car intelligence software, such as Ateros, Berla, TA9\/Rayzone, and Toka, sell their solutions exclusively to government and law enforcement agencies, which is why they\u2019ve remained largely out of the public eye.<\/p>\n<h2>Comprehensive surveillance<\/h2>\n<p>To track persons of interest, data pulled from the vehicle itself is cross-referenced with information from other sources. According to <a href=\"https:\/\/www.haaretz.com\/israel-news\/security-aviation\/2026-02-16\/ty-article-magazine\/.premium\/your-car-is-spying-on-you-and-israeli-firms-are-leading-the-surveillance-race\/0000019c-6651-d2f0-a19c-7fdd81920000\" target=\"_blank\" rel=\"noopener nofollow\">media leaks<\/a>, flagship products in this category aggregate data from the car\u2019s SIM card, Bluetooth communication trails, street-level CCTV footage, and commercially available information from <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-remove-yourself-from-data-brokers-people-search-sites\/54209\/\" target=\"_blank\" rel=\"noopener nofollow\">data brokers<\/a>. This hybrid dataset simplifies the comprehensive mapping of a target\u2019s movements and contacts. Journalists have discovered that some companies even market the ability to activate a vehicle\u2019s microphones and cameras remotely and covertly, enabling real-time eavesdropping on conversations. However, experts note that due to the diversity of technical implementations across different systems, hacking the car itself remains a difficult task with no sure way of succeeding. Often, it\u2019s simpler to correlate other, more accessible datasets to achieve the same result.<\/p>\n<h2>Factory-installed spy tools<\/h2>\n<p>Features like covert activation of cameras, microphones, and other sensors may theoretically be part of a vehicle\u2019s stock functionality rather than the result of a hack. While we haven\u2019t found any public evidence of such cases, it\u2019s well known that Chinese-made vehicles are coming under increased scrutiny in several countries. For instance, they\u2019ve been <a href=\"https:\/\/www.haaretz.com\/israel-news\/security-aviation\/2026-02-16\/ty-article-magazine\/.premium\/your-car-is-spying-on-you-and-israeli-firms-are-leading-the-surveillance-race\/0000019c-6651-d2f0-a19c-7fdd81920000\" target=\"_blank\" rel=\"noopener nofollow\">banned from Israeli military sites<\/a> \u2014 with the exception of a single Chery model, provided its multimedia system is removed. Similar <a href=\"https:\/\/www.tagesschau.de\/investigativ\/ndr-wdr\/chinesische-hersteller-sicherheitsbehoerden-100.html\" target=\"_blank\" rel=\"noopener nofollow\">bans exist in the UK and Poland<\/a>; furthermore, UK Ministry of Defense employees are instructed not to connect their work phones to Chinese-made cars. In Germany, security analyses of Chinese vehicles were conducted by the specialized agencies BfV and ZITiS, but the findings remain classified.<\/p>\n<h2>Low-cost surveillance<\/h2>\n<p>Tracking a vehicle \u2014 or even thousands of them \u2014 doesn\u2019t necessarily require hacking onboard systems or tapping into vast networks of license plate readers. A recent <a href=\"https:\/\/dspace.networks.imdea.org\/bitstream\/handle\/20.500.12761\/2011\/Can%E2%80%99t%20Hide%20Your%20Stride_Inferring%20Car%20Movement.pdf?sequence=1\" target=\"_blank\" rel=\"noopener nofollow\">scientific study<\/a> demonstrated that innocent tire pressure monitoring systems (TPMS) provide enough data for effective tracking. Data from these sensors is transmitted via radio without any encryption and includes a unique ID that makes identifying a specific car easy. This allows for more than just confirming the vehicle\u2019s movement; it can even be used to estimate the driver\u2019s weight or determine if they are traveling alone. While this might not sound as impressive as remotely accessing a car\u2019s cameras, it requires very little financial investment and works even on relatively old vehicles without an internet connection.<\/p>\n<h2>What you can do about vehicle tracking<\/h2>\n<p>While tracking a person through their car is undoubtedly a privacy risk, striking a balance in mitigating this threat is difficult: many measures are complex, largely ineffective, and simultaneously reduce the utility, safety, and convenience of a modern vehicle. Consequently, any steps taken should be weighed against your personal risk profile.<\/p>\n<h4>Basic security measures<\/h4>\n<ul>\n<li>Avoid syncing your smartphone with your car via Bluetooth, CarPlay, or Android Auto. Decline requests to sync your contact book, call history, and messages. If you need the advanced navigation and multimedia features these services provide, consider either installing the required apps directly onto the head unit or purchasing an inexpensive Android box with its own SIM card \u2014 an anonymous one, if permitted in your country.<\/li>\n<li>Periodically clear accumulated data from the head unit: trip history, unnecessary paired Bluetooth devices, and so on.<\/li>\n<li>Whenever possible, avoid using the manufacturer\u2019s mobile app, especially remote control features. If you can\u2019t do without this app, opt out of sharing your data with third parties in the app settings. Disable data sharing in the vehicle\u2019s own settings as well, if the option is available.<\/li>\n<li>Do not use voice commands in the car.<\/li>\n<\/ul>\n<h4>Advanced security measures<\/h4>\n<ul>\n<li>Buying an older, \u201cdumb\u201d car. This is a fairly effective way to reduce surveillance risks, though it increases the safety risks and discomfort associated with driving an outdated vehicle. Keep in mind that tracking via street cameras or the smartphone in the driver\u2019s pocket is still possible.<\/li>\n<li>Dismantling telematics hardware (disabling the car\u2019s cellular module). While theoretically possible, this solution will likely void the vehicle\u2019s warranty. It may also violate local laws regarding mandatory emergency communication systems, and will disable numerous vehicle features that rely on telematics.<\/li>\n<\/ul>\n<blockquote><p>What other threats do connected cars hide? Read more in our posts:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/automotive-security-2025\/54562\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Highway to\u2026 hacked: cyberthreats to connected cars<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/perfektblue-bluetooth-car-hack\/54159\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Car hacking via Bluetooth<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/dashcam-hack-botnet-on-the-wheels\/54839\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Botnets on wheels: the mass hacking of dashcams<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/tracking-and-hacking-kia-cars-via-internet\/52497\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>How millions of Kia cars could be tracked<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/car-manufacturers-silently-sell-user-telematics-data\/51245\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>I know how you drove last summer<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/spies-on-wheels-how-carmakers-sell-your-intimate-data\/49341\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Spies on wheels: how carmakers collect and then resell information<\/strong><\/a><\/li>\n<\/ul>\n<\/blockquote>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-geek\">\n","protected":false},"excerpt":{"rendered":"<p>How law enforcement and intelligence agencies leverage data from connected vehicles, and what your car might be leaking about you.<\/p>\n","protected":false},"author":2722,"featured_media":35847,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2670],"tags":[651,1027,527,43,268],"class_list":{"0":"post-35846","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-cars","9":"tag-connected-devices","10":"tag-hacks","11":"tag-privacy","12":"tag-vulnerabilities"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/the-car-that-spied-on-you-carint\/35846\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/the-car-that-spied-on-you-carint\/30464\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/the-car-that-spied-on-you-carint\/25510\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/the-car-that-spied-on-you-carint\/30308\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/the-car-that-spied-on-you-carint\/41782\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/the-car-that-spied-on-you-carint\/55680\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/the-car-that-spied-on-you-carint\/30615\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/the-car-that-spied-on-you-carint\/36195\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/cars\/","name":"Cars"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/35846","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/2722"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=35846"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/35846\/revisions"}],"predecessor-version":[{"id":35848,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/35846\/revisions\/35848"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/35847"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=35846"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=35846"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=35846"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}