General Motors (GM) has reached a settlement with the Federal Trade Commission (FTC) to address privacy concerns stemming from its now-discontinued Smart Driver program. The FTC’s complaint alleges that GM collected precise geolocation data from Gen10+ OnStar vehicles every three seconds, without informed consent, and shared this data with partners like Verisk and LexisNexis. This driver data was subsequently sold to insurance companies, potentially raising premiums for certain drivers.

OnStar, GM’s subscription-based communication service, was initially intended for security and navigation services. However, the FTC claims the automaker’s Smart Driver program, launched in 2015, transmitted driver data to telematics firms. GM ended this program last April following customer feedback and complaints about privacy. “Respecting our customers’ privacy and earning their trust is deeply important to us,” GM stated, announcing the termination of third-party telematics arrangements with LexisNexis and Verisk.

FTC Settlement and New Measures

The proposed consent decree forbids GM from disclosing geolocation and driver behavior data to consumer reporting agencies for five years. It also requires GM to obtain affirmative consent from drivers before collecting vehicle data, offer data deletion services via its website, and ensure that drivers can opt out of data collection, except for emergency and legal compliance scenarios. The agreement extends for 20 years and is open for public comment for 30 days.

Justin Brookman, director of technology policy at CR, praised the FTC’s action but emphasized the need for a comprehensive privacy law to prevent similar abuses in the future.

Ongoing Legal Battles and National Security Concerns

In a separate lawsuit, Texas Attorney General Ken Paxton is pursuing GM for unlawful data collection allegations related to OnStar. This case continues and could go to trial. Paxton also sued Allstate and its subsidiary Arity for allegedly conspiring to gather driver data without consent.

Meanwhile, the US Commerce Department finalized a rule prohibiting the sale of vehicles with components from China or Russia to safeguard national security. “Cars today aren’t just steel on wheels – they’re computers,” remarked US Secretary of Commerce Gina Raimondo, highlighting the need to protect American roads from foreign-manufactured technologies. This rule, part of a broader effort to secure the connected vehicle supply chain, seeks to prevent foreign adversaries from accessing sensitive or personal information through vehicle technologies.