Darlene Storm

Nissan Leaf secretly leaks driver location, speed to websites

June 14, 2011 1:00 PM EDT

While getting the equivalent of 99 miles per gallon might seem like great reason to purchase a Nissan Leaf plug-in hatchbacks, a security eco-geek discovered the 100% electric car secretly shares precise location information with websites accessed through its built-in RSS reader.

"Nissan's Carwings system connects all Nissan Leafs to a network, wirelessly feeding their energy economy statistics to a central server," explained Mashable. The wirelessly connected electric cars cannot communicate with each other directly, but it does "crowdsource" to see how drivers compare to each other in terms of energy economy. Carwings [PDF] also supplies Leaf owners with the ability to keep up with the news via a built-in RSS reader.

Seattle-based Casey Halverson reported,"The Leaf Carwings system is a GSM cellular connection to the internet for providing voluntary telemetry information to Nissan, new charging stations, competitive driver rankings, and even RSS feeds." But after Halverson played around with his new toy and RSS feeds, he discovered his personal location data was leaking, like longitude and latitude. His speed and destination was also secretly being "provided to any third party RSS provider you configure: CNN, Fox News, Weather Channel, it doesn't matter!"

After a bit more tinkering, he determined that his precise geographic coordinates, speed, direction, and destination was sent in clear text whether he wanted it shared or not. "There is no way to prevent this data from being sent, nor does Nissan or CARWINGS warn you that all of your location data can be flung off to random third parties." He added that Carwings provides "real-time data at that moment where you are located."

Halverson created a Car Spy RSS proof-of-concept so other Leaf drivers can test it out. The video below explains the privacy liability of location, speed, direction and navigation destination being sent to RSS sites and how you can write your own location-based RSS feeds.

The $33,000 electric Nissan Leaf can travel 73 miles per charge when its lithium-ion battery pack is fully charged, according to a EPA rating. According to the Boston Globe, "While anyone can reserve a Leaf for a $99 fee, for now Nissan lets people in only seven states actually place orders: Arizona, California, Hawaii, Oregon, Tennessee, Texas, and Washington. The automaker will start taking orders in seven additional states in the East this summer."

Although websites don't seem to be abusing the privacy leak at this time, it does have the potential to be abused as domestic surveillance by government or law enforcement.

Speaking of domestic surveillance, the Epoch Times reported, "For years now Chinese authorities have been installing spying devices on all dual-plate Chinese-Hong Kong vehicles, enabling a vast network of eavesdropping." The original report in Apple Daily seemed to have disappeared, but a cache shows that a smuggler told reporters, "For every ten cars we ran we only had [smuggled goods] in three or four to reduce the risk, but the border agents caught all of them. The accuracy was unreal!"

Zheng Liming, an Associate Professor of Electrical Engineering at City University of Hong Kong, also tore apart the "Chinese spying device" and confirmed that the signal receiving range could allow the device to listen in on conversations a little more than 12 miles (20km) away. "This device uses chips commonly found in Bluetooth and voice recording devices, designed for receiving voice transmission." Yet when a reporter confronted the Shenzhen Inspection and Quarantine Bureau with accusations of spying, the staff unsurprisingly "flatly denied the idea."

In comparison, that almost makes the Nissan Leaf location privacy leak look tame.

Image credit: Tennen-Gas