The Australian Privacy Commissioner is investigating two automakers over potential breaches of privacy laws, after revealing two previous cases were dropped due to a low chance of a successful prosecution.
The Sydney Morning Herald reported that Privacy Commissioner Carly Kind revealed the investigations during a Senate estimates hearing on February 10, 2026, responding to a question from Nationals Senator Bridget McKenzie.
“We have open investigations against two separate entities. We conducted further preliminary inquiries against two separate entities, but did not decide to take them forward,” the commissioner said.
The investigations come after previous concerns both here and overseas about data collection in cars with internet connections – often referred to as ‘connected cars’ – and how this information is used, sold, and even who legally owns it. CarExpert can save you thousands on a new car. Click here to get a great deal.
According to its website, the role of the Office of the Australian Information Commissioner – the formal name of Ms Kind’s department – is to “promote and uphold your rights to access government-held information and have your personal information protected”.
The commissioner didn’t name the car companies being investigated, nor disclose the two brands whose investigations were previously dropped without prosecution.
When asked where the automakers being investigated were based, the commissioner confirmed they were in Asia, but didn’t name any specific countries.
In 2024, concerns over ‘spying’ vehicles saw then US President Joe Biden ban software and hardware from China and Russia in cars sold there, a move which has helped lock Chinese car brands out of the lucrative US market – second only to China in terms of the number of new cars sold each year.
Similarly, in 2018 the Morrison government in Australia banned Chinese brand Huawei from taking part in the rollout of 5G infrastructure over ‘national security concerns’.
More recently, Doug Ford – the premier of Canada’s most populous province, Ontario – warned of the dangers of letting Chinese cars into his country.
“I call it the spy car that they’re bringing in,” he said, in remarks reported by Automotive News.
At the University of New South Wales (UNSW) in May 2025, Ms Kind said connected cars could access vast amounts of sensitive personal information, with overcollection posing “significant privacy risks” to individuals.
“By collecting so many data points, connected cars provide as many opportunities for malicious or rogue actors to access and misuse that information,” Ms Kind said in a speech at the university.
In 2024, Australia’s CHOICE magazine asked 10 of Australia’s best-selling vehicle brands to explain what data they collect, and what they do with it.
Some brands said they sold Australian motorists’ data such as voice data, location and other information to third parties, including advertisers.
The worst offenders sold data to a well-known artificial intelligence (AI) company in the US.
“What these car companies are doing is totally unacceptable – it should be illegal,” Dr Vanessa Teague told CHOICE after the report.
“These practices are good evidence that we need the Privacy Act updated or the Privacy Act enforced, because none of this should be acceptable in our country.
“Opt-out is not the answer; you should have to opt-in to some of these features if you want them. Many of these other features should simply be illegal.”
MORE: Data from 800,000 Volkswagen EVs exposed after security lapse
