Tesla, Inc. has been accused of using customers’ personal information without their consent for sales and marketing purposes, putting the customers’ privacy interests at risk. A driver in a proposed class action suit, plaintiff Wayne Skiles, alleged that Tesla has been storing and transmitting consumers’ personal information to credit agencies, who then create an overview of the test drivers’ creditworthiness for Tesla.1

The complaint alleged that Skiles visited a showroom in 2015 and gave his driver’s license to one of Tesla’s product specialists, believing this to be a routine check to determine his driving capability.2 After the specialist scanned the driver’s license with an iPad, he asked Skiles to enter his email and phone number, which Skiles thought would be deleted after the verification of his license.3 Instead, according to the complaint, the information was uploaded using an app specifically designed for Tesla by a mobile app developer, Appstem Media, LLC, and immediately transmitted to Tesla’s sales force marketing database, which then sent the information to Experian.4 Experian, a third-party consumer credit reporting agency, purportedly then sent information back to Tesla about Skiles’s credit, which Tesla proceeded to use for marketing purposes without Skiles’s consent.5 Along with Experian, Appstem Media, LLC and venture capital company Salesforce Ventures, LLC have also been named in the complaint as defendants.6

Information about Tesla’s consumers is potentially highly valuable, as its high-end electric cars are marketed to customers of an above average income bracket.7 The implications of companies being allowed to share such personal information could be far reaching. Ever since Samuel Warren and Louis Brandeis articulated the “right to be let alone” in 1890, the right of privacy has grown significantly.8

Skiles claims that Tesla violated the Electronic Communications Privacy Act (ECPA), the Driver’s Privacy Protection Act (DPPA), and the Fair Credit Reporting Act (FCRA).9 The DPPA prohibits parties from knowingly obtaining, using, or disclosing information from a motor vehicle license in a manner not permitted by the act.10 The FRCA restricts the use of consumer information to promote privacy, fairness, and accuracy of information held by consumer reporting agencies.11 The ECPA generally prohibits a third party from disclosing or intercepting certain “wire, oral or electronic communications” without authorization from another party.12 Whether statutes such as the ECPA are read broadly enough to cover Tesla’s actions could determine how businesses are able to use consumers’ information in the future. While the complaint argues that the data transferred through the electromagnetic strip on consumers’ driver’s licenses constitute an “electronic communication,” it has not been determined whether the ECPA can be read this broadly.13 However, technology has likely evolved beyond what the drafters of the ECPA envisioned. Early advocates of privacy law, such as Justice Brandeis, could not have foreseen the privacy issues that would pervade our lives with the development of communication and transportation technology.14

Skiles is seeking to represent a class of people whose information was used without their consent in the four years prior to the complaint’s filing, as well as a class of people whose licenses were used without their consent to obtain a consumer report in the two years prior to the complaint’s filing.15 Skiles is asking both for damages and for the court to force Tesla to stop sharing data without drivers’ consent.16 Skiles has demanded a jury trial pursuant to the Seventh Amendment, and these privacy issues will likely be discussed in greater depth as the case continues to unfold.17