How much does your car know about you? Probably more than you realize. With new cars coming with increasing numbers of gadgets to do everything from monitor engine systems to providing in-car entertainment, the age of the connected car has arrived. As with everything IoT, this convenience comes at a price.

In 2015, Wired magazine worked with security researchers to show how a Jeep could be commandeered by hackers, and out of the control of the driver. The demonstration showed just how vulnerable cars are to security flaws. Modern cars now have so many electronic components that mechanics must often use specialized equipment to service them.

In addition to devices embedded in vehicles, many insurance companies have moved towards something called usage-based insurance (UBI), which uses data gathered from a device inserted into the car by the consumer in order to get a discount on their insurance policy. While consumers might know that the device gathers data about their driving habits, they may not realize just how much information is collected. Researchers at Ben Gurion University of the Negev have recently shown that with only one piece of information gathered by the UBI system, an attacker can learn a “driver’s whereabouts, home, work, or who they met with”.

The conversation about vehicle privacy has been lively in recent years, as awareness of the issues has grown. Recently, the Future of Privacy Forum and the National Automobile Dealers Association teamed up to produce a consumer guide to cars and privacy. But for many consumers, the privacy options still leave much to be desired, with little opportunity to choose cars with fewer embedded devices to begin with. Even going on vacation with a rental car is fraught with privacy problems. As autonomous driving takes off, it’s likely that privacy concerns will only increase.