Rental cars can be data thieves, warns FTC

The convenience of automotive IT systems that connect smartphones with onboard media players might not be worth the risk of data loss when it comes to rental cars, according to the Federal Trade Commission.

Lisa Weintraub Schifferle, an attorney in the FTC's Division of Consumer and Business Education, said that when you return the car, those connected systems might betray you. That's because your activities can leave a data trail for those who know where to look, she wrote in an Aug. 30 blog entry that was cross-posted by the U.S. Computer Emergency Readiness Team.

The car's GPS device can store the locations you visited, possibly including where you work and live. If you connect your smartphone to any of the systems in the vehicle, it could reveal your telephone number, call and message logs, contacts and text messages, she added.

If you connect to any system in a rented vehicle, you must proactively delete the data to keep it from being accessed by the next driver or by hackers, she said.

Schifferle also recommended charging a smartphone via an adapter rather than a rental car's USB port, which could automatically transfer your data to the onboard systems. And she advocated checking onboard screens for options to limit access to connected devices and deleting your devices from the list when you return the vehicle.