Tesla Files: Huge Data Leak Shows Issues with Data Protection, SUA, Autopilot, and FSD

This 100-Gb document collection includes "1,388 PDF documents, 1,015 Excel spreadsheets, and 213 Powerpoint presentations – as well as numerous images, videos, audio files, and emails." Handelsblatt obtained them from several whistleblowers who were just fed up with reporting privacy and safety issues to Tesla and seeing nothing change.

The German newspaper has been working on these documents for the past six months, having assigned them to twelve of its finest reporters to investigate, check, and contact the people who were included in the data leak. And there are so many people involved that Handelsblatt developed a free search tool for any Tesla customer and employee to check if their data was compromised. The ones who get a positive reply to their inquiry need to contact the German newspaper through an email address provided on the same page. Unlike Tesla, Handelsblatt will carefully protect the data it obtained.

The American EV maker does not have a press department, but at least the German newspaper got it to talk to the press through its lawyers. In a rare reply to the publication, Joseph Alm, Tesla's managing counsel for litigation, urged Handelsblatt to send them "a copy of this information, immediately delete all other copies," and confirm they had done so. In a threatening tone, Alm wrote that "use of illegally obtained data for media reporting is not allowed absent exceptional circumstances. The possession of such data itself without a proper justification breaches, among other things, data protection law. And mishandling this information subjects recipients, such as Handelsblatt, to liability for violation of trade secrets, data protection law, and handling stolen data, among other things."

Sebastian Matthes, the German newspaper's editor-in-chief, explained why Handelsblatt decided to ignore the threats and move forward. Apart from analyzing the documents, it also interviewed dozens of customers and employees. In other words, it confirmed the stories these documents told were true.

One example comes from Switzerland, where Thomas Karl endured several phantom braking events from January to October 2021. He probably faced even more such circumstances after that. All we have is his email message to Tesla, complaining about the situation. He wrote on July 26, 2021: "Good day, gentlemen, do you believe me that I'm slowly losing my nerves?" His Tesla had recently stopped on the Swiss A3 "after overtaking a vehicle." Handelsblatt published his report after talking to him.

Another case came from Manfred Schon, a former Bosch employee. When driving to a meeting in Michigan on June 1, 2019, on the M14 highway, his Tesla "suddenly braked hard, as hard as one can imagine." He told the German newspaper that he "was pressed into the seatbelt, and the car nearly came to a halt." That was when his car was hit from behind. Luckily, he was able to tell the story himself. Many were not as lucky.

Handelsblatt talked to some of the people who are suing Tesla for fatal crashes involving Autopilot. One of them killed David and Sheila Brown on August 12, 202. David was driving his Model 3 in Saratoga, California, when it accelerated to 183 kph (113.7 mph), ran a red light, and crashed against a Toyota Tundra. This case also seems to involve SUA. The German newspaper did not mention if data from this collision was included in the Tesla files.

Matthes and his team sent the American BEV maker several questions, and the only reply they got back was Alm's threatening letter. Handelblatt's editor-in-chief stated that he prefers to report on successful innovations and bold entrepreneurial visions, but journalists do not get to write about what they like the most. There are things that need to be shared with the public, such as "how conscientiously Tesla handles data."

As Matthes puts it, "the informants were apparently able to access the files without major restrictions, even though the information went far beyond their area of responsibility." The Tesla Files contain "the salaries of 100,000 employees, bank details of customers, secret production details," and "even Tesla CEO Elon Musk's putative vehicle number and social security number." Not even the company's most prominent executive is protected from how badly Tesla deals with its data.

This is why the German newspaper decided to expose the story. Since Elon Musk "seems to be involved in the smallest things," as if he was running a startup, it was time to let authorities know about it and hope someone would show the company how to properly deal with personal data.

This is not the first time the company has been caught red-handed with this subject. In April, former Tesla employees confessed they shared customers' private videos on Mattermost, Tesla's internal messaging system. On May 3, 2020, the white-hat hacker GreenTheOnly helped me break the news about how Tesla dealt with old computers it replaced in its car: throwing them in garbage cans with lots of information from previous owners untouched.

As Matthes frames it, "if Musk's leadership shortcomings mean that the rights of his employees and the lives of his customers are at risk, then it's time to tighten the limits of his power." Let's wait for European, Asian, and American authorities to tell us what they will do about this mess. Journalism has done its part. Bravo, Handelsblatt!