The owner of a secondhand Model X found the previous owner's personal information still linked to the car.
Tesla has previously been accused of violating privacy policies, with the Chinese alleging EVs such as the Model X posed a security risk to government and military employees. Xi Jinping's government restricted the use of the brand's vehicles, as the camera system can record and track locations.
CEO Elon Musk has vehemently denied this. "There's a very strong incentive for us to be very confidential with any information. If Tesla used cars to spy in China or anywhere, we will get shut down." The latest string of privacy concerns may not be as easy to dismiss.
After making a surprising discovery, a Reddit user took to the platform to disclose the privacy violation. The secondhand Tesla owner explains that when looking through the Tesla App, he unearthed sensitive information about the previous owner: "His name, address, account number and previous payment history was all there."
This is concerning for several reasons, not least the possibility of fraud or identity theft. What's more, if it occurred with one Tesla App user, many more individuals likely have their information floating around on the app. The privacy breach can also lead to unsavory situations. "It wasn't hard to pop his name into Google and find his Instagram [account]."
While the intentions of this Reddit user may have been pure, the information may fall into the hands of a more devious individual next time round. The post was later edited to say the information was since removed. "Hopefully it was a system-wide change," they write.
But the issue seems to be widespread: one ex-Tesla owner replied that after he sold his EV, the new owner continued to use the Spotify account synched to the car. "I finally changed my Spotify password to kill the persistent sync."
Whether it's a glitch or a full-blown privacy issue, this is still a very concerning matter. This isn't the first time the company has suffered a breach. Earlier this year, a hacker claimed he had full remote control of over 20 Teslas across the world. The IT security expert said the vulnerability doesn't sit with Tesla itself, but rather the owners. While that may be true, he doesn't explain how and why he was able to do this on Tesla products in the first place.
About the privacy violation, some may point to user error; after all, as the owner of a product, you have the responsibility to ensure you've wiped any personal information from a device, be it a vehicle or smartphone. But that doesn't necessarily let Tesla off the hook. It should have a more thorough procedure for deleting personal information from a vehicle. It may not sound like a big deal, but it could lead to fairly dangerous events.