CONNECTING YOUR PHONE TO A RENTAL CAR?

by Al Dipasquale

Upon acquiring a rental car and being in possession of a smartphone, it’s customary for individuals to explore the connectivity options with the car’s infotainment and navigation system. In contemporary vehicles, drivers can seamlessly link their mobile devices, facilitating hands-free calling, music playback, and, in certain in-stances, even screen mirroring. This connectivity is typically achieved through a physical USB connection or the establishment of a Bluetooth pairing. 

You may assume that when connecting your phone to a rental car, there should be little to no risk to your personal information or privacy. However, after ‘hacking’ into an infotainment system experts discovered: Unique identifiers for previously connected phones, detailed log of phone calls; text messages; photos; and entire contact lists including other people’s names, address, and emails.

While the convenience of connecting your phone to a rental car is undeniable, it introduces potential risks to your personal information and privacy. The substantial amount of data retained by vehicle infotainment systems was recently brought to attention. This includes the storage of unique identifiers for previously connected phones, a comprehensive log of phone calls, text messages, stored photos, and the entirety of contact lists. 

Despite the absence of prominent reports on data breaches involving rental cars, the possibility of personal information collection exists. This could occur through the rental car company, the auto manufacturer, another renter, or an unauthorized third party. 

A common oversight when returning a rental car is leaving phones paired, inadvertently leaving personal data behind. Notably, many car rental companies lack explicit policies addressing the removal of personal data, placing the onus on the driver. AVIS, for instance, explicitly states in its privacy statement that they are not accountable for any data left in the vehicle. 

The last vehicle I rented from Hertz had two previous phones still in the memory, I deleted them, but other drivers may have other intentions. 

To fortify the protection of your personal data while utilizing a rental car, consider adopting the following precautionary measures: 

Control Access to Your Contacts:
When initiating the connection between your phone and the infotainment system, explore options to restrict access to your contact list through your phone’s operating system. Unfortunately, this won’t allow the car’s system to tell you who is calling. 

Consistently Unpair Your Device:
Establish a routine of unpairing your device from the car’s Bluetooth settings when returning the rental. This practice may contribute to the potential removal of collected information. 

Prefer Apple/Android Car Apps
Most phones already have maps and navigation systems so you can choose to use your phone. Bring along a phone holder that attaches to the vent of the vehicle to make this option safe. 

Caution in Connectivity
While somewhat impractical, limiting the frequency of connecting your phone to the car altogether represents an extreme yet effective measure to minimize exposure to personal data leakage. 

For those who remain concerned about privacy, even after adopting the measures, consider embracing more unconventional steps, not connecting to the rental at all, charging your phone via a 12-volt USB converter, utilizing audio connectors for playback, or resorting to a speakerphone or dedicated hands-free headset for communication.