Nissan: Difference between revisions

(6 intermediate revisions by 4 users not shown)

Line 3:

|Founded = 1933

|Industry = Automotive

|Logo = Nissan ~~Motor Corporation 2020~~ logo~~-local file~~.svg

|Logo = Nissan logo.svg

|ParentCompany =

|Type = Public

Line 15:

*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}</ref>

*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}<nowiki></ref></nowiki>

*'''Cost of software updates:''' It is up to Nissan's discretion if certain software updates are offered for free or are withheld until certain fees are paid.<ref>{{Cite web |author= |title=NissanConnect® {{!}} Vehicle Software |url=https://www.nissan.ca/services/apps/nissan-connect/software.html |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250920213457/https://www.nissan.ca/services/apps/nissan-connect/software.html |archive-date=20 Sep 2025 |quote=Additionally, updates or modifications to Software may be made available by Nissan for download and installation by owners from time to time, either on a complimentary or for-fee basis, as determined by Nissan in its sole discretion.}}</ref>

Line 22:

===Invasive data sharing (''2023'')===

In 2023, a report by the [[Mozilla|Mozilla Foundation]] found that Nissan, along with other major car manufacturers, were recording a large amount of customer data which were classed as a "privacy nightmare"<ref>{{Cite web |last1=Caltrider |first1=Jen |last2=Rykov |first2=Misha |last3=MacDonald |first3=Zoë |title=It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy |url=https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |website=Mozilla Foundation |date=6 Sep 2023 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260127041610/https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |archive-date=27 Jan 2026}}</ref> for consumers. This report found that Nissan were collecting a very large amount of personal data with very little security information, and could record information about the customer's "sexual activity" as per their terms and conditions. Mozilla found Nissan to be the worst perpetrator in terms of data collection and privacy policies, only behind [[Tesla, Inc.|Tesla]] who was using driver data to train their autopilot AI feature. The report found all car companies to be breaching privacy rights of their customers, however Nissan's privacy policy stood out to researchers as one of the worst they investigated.

In 2023, a report by the [[Mozilla|Mozilla Foundation]] found that Nissan, along with other major car manufacturers, were recording a large amount of customer data which were classed as a "privacy nightmare"<ref>{{Cite web |last1=Caltrider |first1=Jen |last2=Rykov |first2=Misha |last3=MacDonald |first3=Zoë |title=It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy |url=https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |website=Mozilla Foundation |date=6 Sep 2023 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260127041610/https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |archive-date=27 Jan 2026}}</ref> for consumers. This report found that Nissan were collecting a very large amount of personal data with very little security information, and could record information about the customer's "sexual activity", per their terms and conditions, with the possibility of selling the data to third-party advertisers<ref>{{Cite news |last=Zilber |first=Ariel |date=2023-09-06 |title=Nissan, Kia can collect data on drivers’ ‘sexual activity’ and ‘sex lives’: privacy watchdog |url=https://nypost.com/2023/09/06/nissan-kia-collect-data-about-drivers-sexual-activity/ |url-status=live |access-date=2026-05-05 |work=New York Post}}</ref>. Mozilla found Nissan to be the worst perpetrator in terms of data collection and privacy policies, only behind [[Tesla, Inc.|Tesla]]<ref name=":0">{{Cite news |last=Price |first=Emily |date=2023-09-06 |title=Your dream car is a privacy nightmare |url=https://www.fastcompany.com/90949162/car-privacy-tesla-nissan-honda-mozilla-list |url-status=live |access-date=2026-05-05 |work=Fast Company}}</ref> who was using driver data to train their autopilot AI feature. The report found all car companies to be breaching privacy rights of their customers, however Nissan's privacy policy stood out to researchers as one of the worst they investigated<ref name=":0" />.

===Shutdown of 2G app for older electric cars in the UK (''2024'')===

Line 34:

===Safety issues with the NissanConnect EV app (''2025'')===

Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>

===NissanConnect EV app discontinuation (2026)===

In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>

===NissanConnect security vulnerability (2016)===

In February 2016, security researcher Troy Hunt disclosed that the NissanConnect EV API had no authentication. The API identified vehicles using only the last five digits of the Vehicle Identification Number (VIN), and requests were completely anonymous. Anyone with a smartphone could remotely activate climate control, view GPS logs, and monitor battery status on any of the approximately 200,000 affected Leaf and e-NV200 vehicles worldwide.<ref name="threatpost-hunt">{{Cite web |last=Zorz |first=Zeljka |date=2016-02-26 |title=Troy Hunt Explains Nissan Leaf Car Hack |url=https://threatpost.com/total-recall-troy-hunt-breaks-down-his-nissan-hack/116497/ |access-date=2026-03-25 |website=Threatpost}}</ref>

Hunt demonstrated the vulnerability by remotely activating the climate control on a colleague's car in the UK from his location in Australia. He had spent over a month attempting to notify Nissan before going public. Nissan took the app offline and didn't restore it for several months.<ref name="threatpost-hunt" />

==Products==

Line 39:

Line 47:

==See also==

~~{{Ph-C-SA}}~~

*[[BMW]]

*[[Tesla]]

*[[Toyota]]

==References==

Line 46:

Line 57:

[[Category:Nissan]]

[[Category:Companies]]

[[Category:Companies using forced arbitration clauses]]

@@ Line 3: / Line 3: @@
 |Founded = 1933
 |Industry = Automotive
-|Logo = Nissan Motor Corporation 2020 logo-local file.svg
+|Logo = Nissan logo.svg
 |ParentCompany =
 |Type = Public
@@ Line 15: / Line 15: @@
 {{Ph-C-CIS}}
-*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}</ref>
+*'''Arbitration:''' Nissan's [[EULA]] requires disputes to be settled by [[Forced arbitration|arbitration]].{{Cite web |author= |title=Nissan Vehicle Software End User License Agreement |url=https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20240219124518/https://www.nissan.ca/content/dam/Nissan/Canada/software/Nissan-Vehicle-Software-End-User-License-Agreement.pdf |archive-date=19 Feb 2024}}<nowiki></ref></nowiki>
 *'''Cost of software updates:''' It is up to Nissan's discretion if certain software updates are offered for free or are withheld until certain fees are paid.<ref>{{Cite web |author= |title=NissanConnect® {{!}} Vehicle Software |url=https://www.nissan.ca/services/apps/nissan-connect/software.html |website=Nissan |date= |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20250920213457/https://www.nissan.ca/services/apps/nissan-connect/software.html |archive-date=20 Sep 2025 |quote=Additionally, updates or modifications to Software may be made available by Nissan for download and installation by owners from time to time, either on a complimentary or for-fee basis, as determined by Nissan in its sole discretion.}}</ref>
@@ Line 22: / Line 22: @@
 ===Invasive data sharing (''2023'')===
-In 2023, a report by the [[Mozilla|Mozilla Foundation]] found that Nissan, along with other major car manufacturers, were recording a large amount of customer data which were classed as a "privacy nightmare"<ref>{{Cite web |last1=Caltrider |first1=Jen |last2=Rykov |first2=Misha |last3=MacDonald |first3=Zoë |title=It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy |url=https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |website=Mozilla Foundation |date=6 Sep 2023 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260127041610/https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |archive-date=27 Jan 2026}}</ref> for consumers. This report found that Nissan were collecting a very large amount of personal data with very little security information, and could record information about the customer's "sexual activity" as per their terms and conditions. Mozilla found Nissan to be the worst perpetrator in terms of data collection and privacy policies, only behind [[Tesla, Inc.|Tesla]] who was using driver data to train their autopilot AI feature. The report found all car companies to be breaching privacy rights of their customers, however Nissan's privacy policy stood out to researchers as one of the worst they investigated.
+In 2023, a report by the [[Mozilla|Mozilla Foundation]] found that Nissan, along with other major car manufacturers, were recording a large amount of customer data which were classed as a "privacy nightmare"<ref>{{Cite web |last1=Caltrider |first1=Jen |last2=Rykov |first2=Misha |last3=MacDonald |first3=Zoë |title=It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy |url=https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |website=Mozilla Foundation |date=6 Sep 2023 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20260127041610/https://www.mozillafoundation.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/ |archive-date=27 Jan 2026}}</ref> for consumers. This report found that Nissan were collecting a very large amount of personal data with very little security information, and could record information about the customer's "sexual activity", per their terms and conditions, with the possibility of selling the data to third-party advertisers<ref>{{Cite news |last=Zilber |first=Ariel |date=2023-09-06 |title=Nissan, Kia can collect data on drivers’ ‘sexual activity’ and ‘sex lives’: privacy watchdog |url=https://nypost.com/2023/09/06/nissan-kia-collect-data-about-drivers-sexual-activity/ |url-status=live |access-date=2026-05-05 |work=New York Post}}</ref>. Mozilla found Nissan to be the worst perpetrator in terms of data collection and privacy policies, only behind [[Tesla, Inc.|Tesla]]<ref name=":0">{{Cite news |last=Price |first=Emily |date=2023-09-06 |title=Your dream car is a privacy nightmare |url=https://www.fastcompany.com/90949162/car-privacy-tesla-nissan-honda-mozilla-list |url-status=live |access-date=2026-05-05 |work=Fast Company}}</ref> who was using driver data to train their autopilot AI feature. The report found all car companies to be breaching privacy rights of their customers, however Nissan's privacy policy stood out to researchers as one of the worst they investigated<ref name=":0" />.
 ===Shutdown of 2G app for older electric cars in the UK (''2024'')===
@@ Line 34: / Line 34: @@
 ===Safety issues with the NissanConnect EV app (''2025'')===
 Researchers at Black Hat Asia 2025 have found issues within the NissanConnectEV app, since it relied upon a Vehicle Identification Number to communicate with the user and to authenticate communications, and this number proved to be easy to reverse-engineer. This allowed hackers to easily access the app.<ref>{{Cite web |last=Pokharel |first=Bijay |title=Researchers Hack Nissan Leaf Remotely, Exposing Major Security Flaws in Car App |url=https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |website=Abijita Foundation |date=8 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20251018194523/https://www.abijita.com/researchers-hack-nissan-leaf-remotely-exposing-major-security-flaws-in-car-app/ |archive-date=18 Oct 2025}}</ref><ref>{{Cite web |last=Mearian |first=Lucas |title=Hackers can access the Nissan Leaf via insecure APIs |url=https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |website=CSO |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=http://web.archive.org/web/20231204030039/https://www.csoonline.com/article/554905/hackers-can-access-the-nissan-leaf-via-insecure-apis.html |archive-date=4 Dec 2023}}</ref><ref>{{Cite web |author= |title=Critical Security Vulnerabilities Found in Nissan Leaf: Remote Hacking Demonstrated |url=https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |website=Security Land |date=14 Apr 2025 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20260304055732/https://www.security.land/critical-security-vulnerabilities-found-in-nissan-leaf-remote-hacking-demonstrated/ |archive-date=4 Mar 2026}}</ref><ref>{{Cite web |last=Kovacs |first=Eduard |title=API Flaw Exposes Nissan LEAF Cars to Remote Attacks |url=https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |website=Security Week |date=24 Feb 2016 |access-date=3 Mar 2026 |url-status=live |archive-url=https://web.archive.org/web/20160227082244/https://www.securityweek.com/api-flaw-exposes-nissan-leaf-cars-remote-attacks/ |archive-date=27 Feb 2016}}</ref>
+===NissanConnect EV app discontinuation (2026)===
+In early 2026, Nissan informed affected customers that the NissanConnect EV app will cease operating as of March 30th 2026. Owners of Nissan Leaf electric cars produced before May 2019 and the e-NV200 van (produced until 2022) will no longer be able to use the remote features of their vehicles. <ref>{{Cite web |last=Wood |first=Zoe |date=2026-03-14 |title=‘Shockingly bad’: Nissan Leaf drivers voice anger over app shutdown |url=https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-url=https://web.archive.org/web/20260314104114/https://www.theguardian.com/environment/2026/mar/14/nissan-leaf-app-shutdown-nissanconnect-ev-app |archive-date=2026-03-14 |access-date=2026-03-14 |website=The Guardian}}</ref>
+===NissanConnect security vulnerability (2016)===
+In February 2016, security researcher Troy Hunt disclosed that the NissanConnect EV API had no authentication. The API identified vehicles using only the last five digits of the Vehicle Identification Number (VIN), and requests were completely anonymous. Anyone with a smartphone could remotely activate climate control, view GPS logs, and monitor battery status on any of the approximately 200,000 affected Leaf and e-NV200 vehicles worldwide.<ref name="threatpost-hunt">{{Cite web |last=Zorz |first=Zeljka |date=2016-02-26 |title=Troy Hunt Explains Nissan Leaf Car Hack |url=https://threatpost.com/total-recall-troy-hunt-breaks-down-his-nissan-hack/116497/ |access-date=2026-03-25 |website=Threatpost}}</ref>
+Hunt demonstrated the vulnerability by remotely activating the climate control on a colleague's car in the UK from his location in Australia. He had spent over a month attempting to notify Nissan before going public. Nissan took the app offline and didn't restore it for several months.<ref name="threatpost-hunt" />
 ==Products==
@@ Line 39: / Line 47: @@
 ==See also==
-{{Ph-C-SA}}
+*[[BMW]]
+*[[Tesla]]
+*[[Toyota]]
 ==References==
@@ Line 46: / Line 57: @@
 [[Category:Nissan]]
 [[Category:Companies]]
+[[Category:Companies using forced arbitration clauses]]