- Whistleblowers leaked around 100 gigabytes of alleged internal Tesla documents to Handelsblatt, a German business newspaper, revealing sensitive data about customers, employees, and key projects like Autopilot and Cybertruck.
- State data protection officer Dagmar Hartge expressed serious concerns about potential data protection violations, prompting the case’s transfer to privacy advocates in the Netherlands, where Tesla’s European headquarters is located.
Handelsblatt, a German business newspaper, received approximately 100 gigabytes of internal Tesla documents from anonymous whistleblowers towards the end of 2022. This marked the first time such a significant volume of alleged internal Tesla data has been made public.
Journalists from Germany, Japan, and the USA are involved in analyzing the leaked information. The collective research will be published under the title “Tesla-Files”. The Handelsblatt encourages any responses or comments on this matter to be sent to firstname.lastname@example.org.
The whistleblowers initially contacted Handelsblatt anonymously in late 2022 and transmitted the data in several batches. Personal meetings between the journalists and whistleblowers also occurred, allowing the news outlet to verify the identity of the sources. However, the identities are kept confidential to protect them.
The 23,398 leaked files include various formats such as PDF documents, Excel spreadsheets, PowerPoint presentations, images, videos, and audio files. Also among the data are emails believed to have been exchanged by Tesla employees, customer and employee data, and sensitive documents marked confidential regarding significant projects like the Autopilot, Cybertruck electric pickup, and new battery cell development.
The authenticity of the leaked data was verified by contacting customers and employees whose information was included in the documents, cross-referencing with external sources like LinkedIn, and consulting experts for technical plausibility. Furthermore, an analysis by the Fraunhofer Institute for Secure Information Technology confirmed that the data set originates from Tesla’s IT environment.
The whistleblowers allege that Tesla’s system allowed them and potentially many other employees to retrieve and copy data beyond their jurisdiction. They have alerted the data protection officer of the federal state of Brandenburg. However, Handelsblatt has yet to confirm whether data protection concerns were the whistleblowers’ sole motivation.
Dagmar Hartge, the state data protection officer from Brandenburg, expresses concern over the situation, citing “serious indications of possible data protection violations”. Tesla’s European headquarters being in the Netherlands, the case was transferred to privacy advocates there.
Tesla, declining to address specific queries about the leaked files, asserts that a “disgruntled former employee” had breached his non-disclosure agreement and the company’s data management policies. Legal actions are forthcoming.
Handelsblatt has developed a service for those wishing to check if their information is part of the Tesla files. It will search selected files for specific employee ID or vehicle numbers (VIN). However, no detailed information will be given out for data protection reasons.