Andrew ReynoldsAustralia's most talked-about electric vehicle just got bigger — and so did the privacy questions surrounding it. Tesla launched the six-seat Model Y L in Australia this month, priced from $74,900, with deliveries expected from Q2 2026. But as Australians rush to configure their new SUVs, the Office of the Australian Information Commissioner (OAIC) has quietly opened preliminary investigations into connected vehicle data practices — and Tesla owners may want to pay attention.
What Makes the Tesla Model Y L Different — And What It Collects
The 2026 Tesla Model Y L is a genuine step forward. Three rows of seating, a 681km WLTP range, 378kW of power, and Australia's first Tesla to include Vehicle-to-Load (V2L) technology. Orders opened in April 2026, and demand has been strong.
But every Tesla — including the Model Y L — is also a rolling data platform. According to Tesla's Australian privacy notice, the vehicle continuously records driving behaviour including speed, acceleration, braking patterns, and location data. Camera systems can capture footage from eight external cameras and three internal cameras. Voice commands processed via the cabin microphone are sent to Tesla servers. The car's software logs charging habits, battery health data, and over-the-air update history.
Tesla states that camera data sharing requires explicit opt-in consent, and that by default driving data is not directly linked to customer identity. However, privacy researchers at UNSW Sydney identified in late 2024 that modern connected vehicles are "surveillance devices on wheels," noting that data which is technically anonymised can still be re-identified when combined with location patterns and driving routines.
The OAIC Investigation: What It Means for EV Owners
In February 2026, the OAIC launched preliminary investigations into connected vehicle data practices across the industry. The regulator's priorities include:
- Excessive data collection and retention by vehicle manufacturers
- Inadequate disclosure about third-party data sharing
- Use of biometric and facial recognition data inside cabin environments
Under Australia's Privacy Act 1988 and the 13 Australian Privacy Principles (APPs), any company handling personal information about an identifiable individual must collect only what is necessary, store it securely, and disclose its use. The OAIC now has expanded enforcement powers including tiered civil penalties and compulsory compliance notices.
The gap, according to legal analysts at King & Wood Mallesons, is that Australian privacy law currently lacks specific disclosure requirements about third-party data recipients — unlike the EU's GDPR or California's CCPA. Car manufacturers operating in Australia may use separate, more limited privacy policies than those offered to European customers.
For Australian Tesla owners, this means your connected vehicle may collect and retain data in ways that exceed what you've been explicitly told about.
What Australian EV Buyers Should Ask Before They Sign
An IT security specialist or privacy consultant can help you understand what you're actually agreeing to when you configure a connected vehicle. Key questions to raise before purchase or delivery include:
What data is collected by default? Tesla offers some controls via the touchscreen — including disabling data sharing and turning off cabin camera recording. But these settings are buried in menus, and the defaults favour data collection. Ask specifically about telematics data, location logging, and third-party integrations like insurance data sharing programs.
Where is your data stored? Tesla operates data centres in multiple jurisdictions. Australian Privacy Principle 8 requires that overseas data transfers meet equivalent privacy protections — but enforcement has historically been limited.
Can you request deletion? Under APP 12, you have the right to access personal information held about you. Under APP 13, you can request correction. Tesla's Australian privacy portal allows some data access requests, but the scope of what is actually retrievable can be limited.
Does your insurer have access? Some Tesla finance and insurance packages include telematics data sharing that affects premiums. An IT adviser or financial specialist can help you understand whether you've inadvertently consented to sharing your driving behaviour with third parties.
The Recall That Didn't Require a Dealership Visit
Separately, approximately 35,000 Tesla Model 3 and Model Y vehicles in Australia were subject to a recall in 2026 for a battery pack contactor wiring issue. Tesla resolved this via an over-the-air (OTA) software update — no workshop visit required. While convenient, this also demonstrates how thoroughly connected Tesla's vehicles are: the company can push changes to your car's software and systems remotely, at any time.
A smaller recall of 260 units of the 2026 Model Y affected a reverse lamp wiring defect. Owners can check their vehicle identification number (VIN) on Tesla's Australian recall portal.
What to Do Now
If you own or are considering a Tesla Model Y L, the practical steps are straightforward. Review your vehicle's privacy settings under Controls > Safety > Data Sharing. Opt out of any non-essential data sharing programs. If you're a business owner with a fleet of connected EVs, consider engaging an IT compliance specialist to audit your fleet's data exposure — particularly if vehicles access corporate Wi-Fi networks or employee driving data is being aggregated.
According to the Office of the Australian Information Commissioner, individuals have the right to know what personal information organisations collect, why it's collected, and who it may be disclosed to. That right applies equally to vehicle manufacturers.
The Tesla Model Y L is a compelling vehicle. With 681km of range, V2L capability, and three rows of seating at a competitive price point, it will likely sell strongly in Australia. But the data it generates belongs to you — and understanding how to protect it is increasingly the job of an IT specialist, not just a car salesperson.
This article covers general privacy information. For specific advice about your vehicle's data settings or compliance obligations, consult a qualified IT security specialist or privacy lawyer.
