General Motors Is Banned from Selling Driving Behavior Data for 5 Years
56 comments
·January 17, 2025mmooss
kevingadd
This is largely the work of Lina Khan and the people reporting to her. She's fairly new to the FTC still (Biden appointee) and has been intentionally pushing on all of this.
Protecting it is difficult since the house/senate and scotus are all determined to roll back pro-consumer laws but that's not really something the FTC can fix, only voters can fix that.
Voters don't seem to see these things as important though based on how they voted most recently. They have other priorities I suppose.
johnnyanmac
I'll be generous and say that voters are distracted by other things. easy unsubscribe is great, but it's never going to win an election.
I'll also be cynical and say that voters were also lacking critical thinking in terms of how the president elect simply said he'd do things with no action plan behind it. He already went back on several "promises" even before properly stepping in as President. This is just shame on us at this point.
null
sapphicsnail
Harris wouldn't even commit to keeping Lina Khan on.
input_sh
Lina Khan deserves all the praise and then some.
Banning non-competes, preventing Microsoft-Blizzard merger (amongst many others), enforcing the right-to-repair, filing lawsuits to lower drug prices, making cancelling subscriptions easier...
Your friendly reminder that both Amazon and Meta were openly against her taking the position, that the upcoming administration will scrap the antitrust lawsuits against both of them (the one against Meta was supposed to start in spring, the one against Amazon in 2026) and that this is why Bezos and Zuckerberg are cozying up to Trump.
tehjoker
[flagged]
xyst
They don’t give a shit about privacy directly but GM was egregious in collecting this data
- confusing consumers
- sneakily signing up consumers to “smart driver” as part of onstar
- data brokers subsequently building profiles on users and selling this data to _insurance companies_
- consumers later finding out their insurance doesn’t get renewed because of this secret driver profile that was built without their explicit consent
If GM followed the rules by disclosing this directly, allowing consumers to opt out. They probably wouldn’t be in this embarrassing position.
It’s in the FTC release: https://www.ftc.gov/news-events/news/press-releases/2025/01/...
ycombinatrix
Lmao. They were too cartoonish in their villainous behavior.
null
AndyNemmity
[flagged]
EVa5I7bHFq9mnYK
How about monetary compensation? People lost real money, damages can be calculated.
After all, if I installed spying software on GM's computers, and sold the extracted data to, say, Toyota, I'd face hefty fines. And spend time in prison.
xyst
Probably a class action lawsuit in the future, if one does not already exist.
Jail time? Probably not, we let health insurance companies get away with taking away critical needs from patients and delaying care in the name of delivering shareholder value. The best they get is a slap on the wrist from the government, let alone jail time.
aucisson_masque
Privacy ? But I have nothing to hide.
Everyone has something to hide, be it as simple as your driving behavior, so you don't end up over paying for insurance or even in the situation where all company refuse to insure a 'risky' profile.
rcarmo
As an European, this is weird. Just 5 years? Why were they allowed to do this in the first place?
nonrandomstring
Yes I don't understand the "5 Years" part at all.
Either it's illegal or it isn't.
No judge ever says "I ban you from burgling houses for 5 years!", like after 5 years it would be okay again.
2024user
Isn't that jail time?
ninalanyon
No burglar has the resources of GM.
userbinator
but it can still share anonymous data about people’s driving with third parties
Most important part of this IMHO.
null
cameldrv
Yeah and it’s simple to reidentify anonymous location traces. The simplest way is to buy cell phone location data from apps, which is generally intermittent, but even with just 5-6 location/time pairs, you’re going to be able to positively identify someone, with the small caveat that there will be some ambiguity with members of a household that share a car.
robojunkie
Is it anonymous aggregated data or just anonymized data? Anonymized data can easily be de-anonymized, as you stated.
johnisgood
Assuming the worst in these cases is always a good idea.
55555
Yeah, super anonymized if only my car leaves from my house every day to go to work and comes back every night...
ripped_britches
They were trying to warn us by naming it “Smart Driver”. Come on yall.
throwaway562if1
They keep all the profits and can still sell "anonymized" data. Surely this chilling precedent will have other corporations shivering in fear.
ksynwa
What I am wondering if to what extent (if any) I can protect myself as an end user from this kind of spying by just not connecting these smart devices to the internet.
A while I read about smart TVs bypassing pihole-style blockers by using hardcoded IP addresses and DNS server addresses.
I don't even know how smart cars work. Do they have their own SIM card or something like that? Either way there are so many ways they can subvert obstacles. For example a car could scan for unprotected WiFi networks and connect to one if found.
lnsru
Every new car has a SIM card. Apparently in Europe used for emergency automatic calls. But having SIM card in the car is not mandatory. All the information in other cases is saved in the car. And when you bring the car to the dealership the information is transferred over the wire in old fashioned way. Safest thing is to have an older car without much electronics, that can be repaired outside dealership network. Some cars like a Teslas have very normal cameras filming interior. Apparently to monitor the driver. But who knows.
miohtama
Yes a mobile as a government tracking device in your car is mandated in Europe.
avh02
my understanding is for things like eCall that the phone only gets activated when it's actually needed (i.e: an emergency), but never found a check/analysis of this on cars (though i only looked for 2 mins when i checked)
almostnormal
Not yet. But soon, when cars are required to transmit data about emissions.
GauntletWizard
I intentionally bought a used car with only a 3G network connection, knowing (at the time, almost 3 years ago) it would soon shut down in the US. I smiled at the "Your OnStar will soon stop working" messages, and intend to hold onto it for a good long time.
timeon
> Some cars like a Teslas have very normal cameras filming interior.
Wow is this real?
ninalanyon
Cars that offer driver assistance have to have some way of determining that the driver is awake and paying attention. One way is to monitor steering wheel input which is how older Teslas do it another is to use a camera to monitor the driver's face and that is done by several brands not just new Teslas.
lnsru
Absolutely! As well as 1€ camera covers from AliExpress.
jakelazaroff
> An investigation by the Federal Trade Commission determined that consumers had not been aware that the automaker was providing their driving information to data brokers.
Yeah, no shit. Why on earth would I assume the company from which I bought my car is selling my information? Why are they allowed to sell this data at all?
We can all acknowledge how ridiculous this is, right?
johnnyanmac
Tiktok's being banned while Meta is more or less able to do the same thing but worse. It's pretty much about who can line pockets rather than the fact that selling user data is wrong.
ascorbic
If you're thinking that this is good (and it is), you should love the GDPR which bans this sort of thing entirely without needing an investigation beforehand.
flakeoil
I guess GDPR is a good idea, but in practice it has limited value. I suppose all that is needed is that the user accepts (consents) by answering yes to a popup question. It can be asked over and over. If you answer yes by accident at some point you are screwed. You can maybe(?) retract your answer, but maybe you don't even know you answered yes at some point when you were stressed and had to drive somewhere, while your nav/media system asked you this question.
The main problem is that this sort of thing (tracking of cars and storing the data in a central database) is considered normal by corporations and is allowed by law. Would we like to have big corporations place private detectives outside our houses and when we leave they follow our every step, take photos, record audio and track our GPS position and report all that data to the corporation in realtime? That is what they do now with their cars and phones and appliances. The reason they did not do it in the past was that it was expensive to have private detectives track each of their customers, was considered spooky and abnormal and it was probably also illegal, but now it is cheap and somehow considered normal.
Cadwhisker
Now, please do Hyundai (and others). Their in-built map's knowledge of speed limits and the speed sign recognition is so awful that any "speeding" data is guaranteed to be wildly inaccurate.
I don't understand the FTC. Why and how did they start protecting consumer privacy? Could they have done it before? Do they have an overall systematic plan for protecting it comprehensively? Do they have a guiding principle?
I'm glad they are moving forward on it, at least until Monday.