✨ Discover this awesome post from Hacker News 📖
📂 **Category**:
💡 **What You’ll Learn**:
Advertiser Disclosure
All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this
site are from third-party advertisers from which All About Cookies receives compensation. This compensation
may impact how and where products appear on this site (including, for example, the order in which they
appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor
do
we include all companies or all available products. Information is accurate as of the publishing date and
has
not been provided or endorsed by the advertiser.
Close
Editorial Policy
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help
you, our reader, make online privacy decisions with confidence. Here’s what you can expect from us:
-
All About Cookies makes money when you click the links on our site to some of the products and offers that
we mention. These partnerships do not influence our opinions or recommendations. Read more about how we
make money. - Partners are not able to review or request changes to our content except for compliance reasons.
-
We aim to make sure everything on our site is up-to-date and accurate as of the publishing date, but we
cannot guarantee we haven’t missed something. It’s your responsibility to double-check all information
before making any decision. If you spot something that looks wrong, please let us know.
Close
Starting July 7, 2026, every new car sold in the European Union must include a driver monitoring camera aimed at your face. Glance at your phone, your kids in the back seat, or the radio for too long, and the car will flash a warning light and sound an alert.[1]
Automakers have known this was coming for years. What they, and EU regulators, have never spelled out is what happens to that footage after the alert goes off.
While the intention behind the new system is difficult to dispute, its implementation has raised several concerns. Early real-world testing suggests the distraction warnings can be overly sensitive and potentially distracting.
What the new driver monitoring camera actually does
The system is called Advanced Driver Distraction Warning, or ADDW. A small infrared camera near the steering wheel or dashboard tracks where your eyes point.
Look away from the road for more than 3.5 seconds at highway speed, or six seconds at slower speeds, and the car warns you with some combination of a light, a sound, or a vibration.
It switches on automatically above about 20 km/h (12 mph), and it cannot be permanently turned off.
Regulators are responding to a real problem: EU-funded research estimates driver distraction plays a role in 5% to 25% of car crashes, and the broader package of safety rules this camera belongs to is projected to save more than 25,000 lives by 2038.
That’s the easy part to explain. The harder part is what the camera does with what it sees.
Real drivers say the warnings are already exhausting
The new ADDW system was tested by Gocar.be, a leading online automotive platform in Belgium, in its Xpeng P7+. They found it fires on ordinary driving, not just distracted driving.
Glance away from an empty highway to take in the scenery, or look at the infotainment screen to change a song, and the warning goes off anyway.
While it’s theoretically possible to manually switch off the ADDW system, Gocar.be found that it’s automatically reactivated if it detects any problematic viewing behavior. This means that, in essence, it can never truly be switched off and keeps monitoring the driver at all times.
A Reddit user, u/premium_bawbag, who hired a Ford Puma for a week reported a similar experience.
“10 mins into driving, the distraction warning kicks in and tells you to take a break with an amber light on the instrument tablet and a loud bong. A big pop up message suggests you take a break. 10 mins later it does it again with a red light and loud bong. I found this incredibly distracting,” they said.
The user went on to say that switching the system off is only a temporary solution because it reactivates itself every time the engine is started.
The regulation doesn’t say what happens to your data
While there’s little question about the intention behind the new ADDW systems, there’s a lot of ambiguity and concern over data privacy, with little clarity in the underlying regulations.
On the positive side, the regulations require the ADDW system to work on a “closed loop” without the use of biometric data. This means that the data used to determine whether a driver is “distracted” must not leave the vehicle or be transmitted to the automobile manufacturer, its servers, or any third party. In essence, the data should be processed locally within the vehicle itself.
However, there are still several concerns surrounding the implementation:
- The regulations do not impose any independent audit or assurance mechanism to ensure that the ADDW systems installed in automobiles actually operate on a closed-loop basis.
- There’s little clarity over how the data is handled, what happens once the “distraction” decision is made by the system, how long the data is retained, or when it is deleted.
Article 6(3) of the GSR states that the system should be designed in such a way that it does not continuously record or retain data other than what is necessary for its purpose. However, it fails to define what is considered “necessary” specifically for ADDW systems, nor does it specify the exact retention period for such data.
Your driving data has already been sold before
None of this is a hypothetical worst case. In March 2024, The New York Times reported that GM, Honda, Acura, Kia, Hyundai, and Mitsubishi had all been sharing driver behavior data, including mileage, speed, hard braking, and rapid acceleration, with data brokers LexisNexis and Verisk.
Those brokers turned the raw data into “risk scores” and sold them to insurance companies. One driver, a careful one by his own account, saw his premium jump 21% and then requested his LexisNexis report. It ran 258 pages and logged nearly every trip he and his wife had taken over six months. GM ended the data-sharing in March 2024 after the reporting, and later paid California $12.75 million to settle claims it never properly disclosed the practice, according to the FTC.
That case involved driving behavior data, not camera footage. A separate 2023 Reuters investigation showed what happens once actual video is involved. Former Tesla employees told Reuters that the company’s internal messaging system was used to privately share sensitive recordings pulled from customers’ car cameras between 2019 and 2022, including footage of crashes, road-rage incidents, and, in some cases, people undressed near their vehicles. Some employees could see where a clip was recorded, meaning they could potentially identify where a specific owner lived.
Neither case involved ADDW footage, and neither automaker was legally required to explain what its cameras captured the way EU regulators will eventually have to. But both show what happens when a car company collects sensitive data under vague rules: someone downstream, an insurer, a data broker, or an employee with a messaging app, eventually gets access to it.
A 2023 review by the Mozilla Foundation found that pattern holds across the industry, not just at GM or Tesla: 84% of car brands reviewed share or sell driver data, and 76% sell it outright.
What protections do you actually have?
Even though the GSR itself is vague on data protection and retention, drivers aren’t fully left unprotected.
The EU’s General Data Protection Regulation (GDPR) automatically applies to any system that processes personal information about an identifiable person within the EU. An infrared camera that reads a driver’s face and gaze would almost certainly fall within that scope.
This means manufacturers cannot hide behind the GSR’s vague language and must adhere to the GDPR’s core principles, which include collecting only the data that is necessary, retaining it only for as long as needed, and giving drivers rights over their own data.
However, even with the GDPR, the uncertainty around what constitutes “necessary” still remains.
What you can do right now
- Check your automaker’s actual privacy policy, not its marketing page, for language on how long footage or eye-tracking data is retained, whether it’s shared with insurers or data brokers, and whether it ever leaves the vehicle.
- If you’re driving a rental or a new car in the EU, know the warning can typically be silenced for a single drive but not turned off permanently. It reactivates the next time the system flags your eyes wandering.
- Treat exposed driving or biometric data as a personal-data risk, not just a privacy footnote. An identity theft protection service that monitors for your information appearing on the dark web or being used to open new accounts won’t stop an automaker from collecting the data, but it can help you catch the damage early if that data ever gets out.
Bottom line
While the intention behind the ADDW system is well-founded and it has the potential to reduce road accidents caused by driver distraction, its implementation has also raised legitimate privacy concerns. Fortunately, many of these concerns could be addressed through slightly more airtight regulations.
Regulators should clearly define what is considered “necessary” for these systems and determine how long data may be retained after it has been processed.
Additionally, there should be an independent audit mechanism to ensure that the private data captured by ADDW systems is not being transmitted to manufacturers or third parties, or sold for monetary gain.
Author Details
Krishi Chowdhary specializes in digital privacy, cybersecurity, and consumer technology. With more than five years of experience, he has written extensively about online privacy tools, including VPNs, password managers, and identity theft protection, alongside broader cybersecurity topics such as online scams, data breaches, age verification, and emerging digital threats.
At AAC, Krishi focuses on staying ahead of industry trends, translating fast-moving developments into clear, actionable insights for everyday readers. He believes technology reporting should empower readers, not confuse them, and is committed to making even the most technical subjects easy to understand without compromising on accuracy or depth.
His work has appeared in leading technology publications, including CNET, ExpressVPN, and TechRadar, where he has covered everything from cybersecurity incidents and privacy product announcements to artificial intelligence and major technology industry news.
⚡ **What’s your take?**
Share your thoughts in the comments below!
#️⃣ **#Cars #Sold #Require #Camera #Aimed #Face #Clear #Data**
🕒 **Posted on**: 1783458078
🌟 **Want more?** Click here for more info! 🌟
