General Motors was hit with a record privacy violation penalty, agreeing to a $12.75 million settlement with the state of California after an investigation revealed the automaker illegally sold driver data.
The Charges
From 2020 to 2024, GM used its popular OnStar subscription system to collect highly specific driving behavior. They weren’t just keeping an eye on your mileage; they were tracking your precise location, how fast you were going, how hard you hit the brakes, and how rapidly you accelerated.
According to the California Attorney General’s office, GM took this data and sold it to third-party data brokers like Verisk Analytics and LexisNexis Risk Solutions.
The main issue is that GM’s own privacy policy explicitly reassured drivers that it would not sell their location or driving information. While California state law protects its drivers from having this data used against them by auto insurers, investigations found that many drivers across the rest of the country saw their car insurance premiums spike because of this secretly shared data.
The Payout
If you’re a GM driver in California, don’t wait by the mailbox for a payout. This is a civil penalty, meaning the millions go directly to the state, not to individual consumers.
However, the settlement does force some major changes. GM is now banned from selling consumer driving data to data brokers for the next five years. For its part, GM stated that it already discontinued the specific data-sharing program, known as “Smart Driver,” back in 2024. Leaving GM to keep the data to itself.
This case is a wake-up call that today’s vehicles are basically giant, rolling computers. Next time you buy a car or set up your infotainment system, take a few minutes to check your privacy settings—you might be sharing a lot more about your morning commute than you think.
Â
