Source URL: https://www.theregister.com/2025/01/17/gm_settles_ftc_charges/
Source: The Register
Title: GM parks claims that driver location data was shared to insurers, pushed up premiums
Feedly Summary: We’ll defo ask for permission next time, automaker tells FTC
General Motors on Thursday said that it has reached a settlement with the FTC “to address privacy concerns about our now-discontinued Smart Driver program."…
AI Summary and Description: Yes
**Summary:** General Motors (GM) has reached a settlement with the FTC regarding privacy issues related to its now-discontinued Smart Driver program, which collected precise geolocation data from OnStar vehicles without adequate consent. The settlement includes strict requirements for data handling and underscores the importance of comprehensive privacy laws to protect consumer data.
**Detailed Description:**
The text highlights a complex intersection of privacy, consumer protection, and national security issues, particularly relating to the automotive sector’s use of technology and data. The salient points include:
– **Settlement with FTC:** GM entered a settlement agreement with the Federal Trade Commission (FTC) concerning privacy violations associated with its Smart Driver program.
– **Data Collection Practices:**
– The Smart Driver program, initiated in 2015, collected user geolocation data from GM vehicles, which the FTC claims was transmitted every three seconds.
– Data collected was allegedly shared with third-party telematics firms without informed consent, leading to potential misuse in determining insurance rates.
– **Consumer Trust:** GM stated that respecting customers’ privacy is crucial, claiming the discontinuation of the Smart Driver program was a direct response to consumer feedback. They have made steps to consolidate privacy statements for better clarity.
– **Proposed Settlement Terms:**
– For five years, GM is prohibited from disclosing vehicle data to consumer reporting agencies.
– Drivers must give explicit consent for data collection, allowing for opt-out options and data deletion capabilities.
– Exceptions apply for emergency services and legal compliance needs.
– **Industry Implications:** The case has broader implications regarding the necessity for clear legislative definitions of privacy standards. Advocacy for comprehensive privacy laws was expressed, highlighting the ambiguity in current regulations.
– **National Security Concerns:** The U.S. Commerce Department’s recent regulations concerning the security of technology in connected vehicles stress that such systems should not involve components from hostile nations. This adds a layer of complexity regarding privacy and security in automotive technology.
– **Future Actions:** The FTC’s settlement proposal will undergo a 30-day public comment period before a final decision is made, indicating ongoing scrutiny around such data practices in the industry.
– **Broader Context:**
– The commentary on connected vehicles suggests that as these vehicles integrate more technologies (like cameras and GPS), the risk for privacy and potential manipulation increases, necessitating vigilant regulatory approaches.
In summary, this case encapsulates significant themes in privacy, compliance, and the monitoring of data use within the rapidly evolving automotive technology sector. The ongoing discussions are relevant to security and compliance professionals as they navigate the implications of data governance and consumer protection within their organizations.