The Department of Justice wants names, addresses and purchase records for more than 100,000 people who downloaded a single car diagnostics app. Apple and Google received subpoenas. So did Amazon and Walmart. The target is not some criminal network but everyday drivers who plugged a device into their trucks and cars.
This case, unfolding in federal court, reaches far beyond one company. It tests how aggressively prosecutors can pull user data from app stores to build a civil enforcement action under the Clean Air Act. And it revives old questions about where legitimate regulation ends and bulk surveillance of consumers begins.
The company at the center is EZ Lynk, founded in 2014 by mechanics Brad Gintz and Thomas Wood. Based in the Cayman Islands, it sells hardware that plugs into a vehicle’s OBD-II port paired with the Auto Agent app available on Apple’s App Store and Google’s Play Store. Users can monitor engine performance, apply software tweaks and, the government alleges, disable emissions controls.
The DOJ sued EZ Lynk in 2021. Prosecutors accuse the firm of selling “defeat devices” that let diesel truck owners bypass federal emissions rules. Forbes first reported the scale of the data demands. The government has gathered forum posts and social media evidence showing some customers used the tools exactly that way. EZ Lynk insists its products serve legitimate diagnostic and tuning purposes. Its apps, it says, are not built primarily to cheat emissions tests.
In March and April of this year, the DOJ issued subpoenas to Apple and Google. The requests sought identities, addresses and purchase histories for anyone who had downloaded the Auto Agent app. Similar demands went to Amazon and Walmart for buyers of the accompanying hardware. The total pool of potential users exceeds 100,000. It could reach into the hundreds of thousands.
EZ Lynk and the DOJ filed a joint letter with the court earlier this month detailing the dispute. The company’s lawyers wrote that these requests “go well beyond the needs of this case and create serious privacy concerns.” They added, “Investigating this claim does not require identifying each person who has used the product.” Apple and Google plan to fight the subpoenas, according to the letter. Walmart declined to comment when asked. The tech companies themselves have not responded publicly.
The government pushed back. Its lawyers told the court they have “consistently sought customer information” because they need witnesses who can describe how the technology actually gets used. They have already shown the judge Facebook posts and messages from EZ Lynk’s own forums in which users discuss disabling emissions equipment. In the letter, prosecutors argued that users who gave their information to EZ Lynk and agreed to its terms “no longer have a cognizable privacy interest as to that information.”
That position alarms privacy advocates. Aaron Mackey, deputy legal director at the Electronic Frontier Foundation, called the argument “particularly problematic.” Most people never read terms of service, he noted. The broad request raises questions about what the government might do with the data after this case ends. Tom McBrien, counsel at the Electronic Privacy Information Center, expressed similar worries. Obtaining personally identifiable information on every customer through discovery sits outside normal Fourth Amendment protections, he said.
This is not the first time the DOJ has asked Apple and Google to turn over data on thousands of users of one app. In 2019, federal investigators sought information on more than 10,000 people who had installed an app tied to a gun scope. The current demand is at least ten times larger. Both episodes highlight a growing pattern. Law enforcement sees app stores as rich troves of customer identities. Tech platforms often resist, citing user privacy.
The EZ Lynk case carries extra weight because of its connection to the right-to-repair movement and car hacking communities. Enthusiasts argue drivers should be free to modify their own vehicles. Justin Montalbano, president of the Car Hacking Village at the Def Con conference, put it plainly. “People want to modify their cars and always will,” he said. Subpoenaing personal data from tech companies, in his view, is not the right path to cleaner air. He suggested mandatory vehicle inspections for defeat devices instead.
EZ Lynk has tried other defenses. The company once claimed protection under Section 230 of the Communications Decency Act, arguing it could not be held responsible for how customers misused its platform. A federal judge rejected that argument in August 2025. The case moved forward. Privacy experts remain divided on the underlying merits. McBrien supported the court’s Section 230 ruling, pointing to patent applications that referenced ways to sidestep emissions rules. Yet he draws a line at the government’s sweeping demand for user data.
Broader trends make the moment notable. Government requests for user data from major tech firms have climbed sharply over the past decade. A report from privacy company Proton documented increases of hundreds of percent at Apple, Google and Meta. The numbers reflect both criminal investigations and civil enforcement actions. In this instance, the DOJ is not pursuing individual prosecutions of drivers. It seeks testimony to strengthen its case against the company that enabled the modifications.
But the practical effect could still chill legitimate uses. Fleet operators rely on similar diagnostic tools. Mechanics use them for repairs. Car enthusiasts explore performance tuning that does not touch emissions systems. When the government casts a net this wide, those users may think twice before installing apps that collect any personal data.
The dispute also spotlights the uneasy relationship between app platforms and regulators. Apple and Google curate their stores and take commissions. They review apps for compliance with their own rules. Now they face demands to identify users of an app they approved. Their decision to contest the subpoenas aligns with long-standing public positions on user privacy. Yet the companies have complied with law enforcement data requests thousands of times each year.
So far, neither side has commented beyond the court filing. The joint letter suggests negotiations continue. A judge will ultimately decide how much user information, if any, must be turned over and under what restrictions. The outcome could set precedent for other civil cases in which prosecutors want to talk to customers rather than charge them.
Car modification is not going away. Diesel trucks remain popular. Emissions rules grow stricter. The tension between environmental enforcement and personal freedom in vehicle ownership finds a new front in the app stores. How much data the government can extract from Apple and Google to police that tension will shape the balance for years to come.
The original reporting that brought these subpoenas to light appeared in Gizmodo. Additional coverage from 9to5Mac noted the company’s continued denial that emissions circumvention is its core function. Recent analyses on X echoed concerns about privacy overreach in enforcement actions against aftermarket automotive technology.
View Comments (0)