It's worse than that. The way the law works is that you'll only have standing to sue if you're harmed in some way. But since your data is slurped into a big black box, and then passed around and used by 3rd parties, the connection back to the original ingress point is tenuous at best. Some of those 3rd parties, arguably the most harmful, will themselves be law enforcement, and in the US they have qualified immunity, section 720, and a vast array of a) excuses to snoop and b) immunity from consequence. So, it's worse than illegal because you'll never have standing to sue them and find out.
Of course, the solution is to not buy their products or, if you do, substantially modify them to remove all owner-hostile features after-market. Indeed, I predict a healthy secondary car (and phone!) market where trusted 3rd parties "sanitize" the product to protect the owner.
It's worse than that. The way the law works is that you'll only have standing to sue if you're harmed in some way. But since your data is slurped into a big black box, and then passed around and used by 3rd parties, the connection back to the original ingress point is tenuous at best. Some of those 3rd parties, arguably the most harmful, will themselves be law enforcement, and in the US they have qualified immunity, section 720, and a vast array of a) excuses to snoop and b) immunity from consequence. So, it's worse than illegal because you'll never have standing to sue them and find out.
Of course, the solution is to not buy their products or, if you do, substantially modify them to remove all owner-hostile features after-market. Indeed, I predict a healthy secondary car (and phone!) market where trusted 3rd parties "sanitize" the product to protect the owner.