Modern vehicles can collect an extraordinary volume of personal data through connected infotainment and telematics systems, from precise GPS coordinates to, in some cases, microphone audio, and many drivers have little idea how that information is stored, shared, or sold. The Federal Trade Commission’s enforcement actions against General Motors and OnStar have forced this issue into public view, alleging practices that regulators say were not adequately disclosed to consumers. The gap between what automakers say they do with driver data and what regulators allege in enforcement actions raises serious questions about whether consent mechanisms in connected cars function as anything more than legal cover.
What GM and OnStar Were Caught Doing
The clearest window into automaker data practices comes not from corporate privacy pages but from federal enforcement. According to the FTC, the agency took action against General Motors for allegedly collecting precise geolocation data and detailed driving behavior, including events like hard braking, and sharing that information with third parties without obtaining meaningful consent from vehicle owners. The proposed order stage of that case laid out specifics about how frequently location data was gathered and why regulators consider such information sensitive enough to warrant special protections, highlighting that patterns of movement can reveal home addresses, workplaces, and visits to medical or religious facilities.
The enforcement timeline then advanced. According to the FTC, the agency later finalized a consent order settling allegations that GM and OnStar collected and sold geolocation data without consumers’ informed consent. That finalized order imposed specific compliance requirements and remedies on the company, including limits on how such data can be shared going forward and obligations to implement more robust notice and choice mechanisms. It is important to understand that the earlier announcement describing a proposed order and the later announcement of the finalized order are sequential steps in a single enforcement action, underscoring how long it can take for regulators to investigate, negotiate, and ultimately bind a major automaker to new privacy obligations.
What Automakers Admit They Collect
Federal enforcement against one company would be concerning enough on its own, but the data appetite extends across the industry. In compiled responses to a congressional inquiry published by the Office of U.S. Senator Edward J. Markey, multiple automakers described collecting connected-vehicle and infotainment-related data including location, driving behavior, camera feeds, and microphone audio, as shown in the manufacturer replies to his office. These were not leaked documents or whistleblower revelations. The companies themselves, responding to a formal Senate letter, acknowledged the scope of what their systems capture and how those data streams can be combined with telematics services, mobile apps, and subscription programs.
Those same automaker responses described how consent and controls are supposed to work for data collection, how long certain categories of data are retained, and what their practices are regarding sharing and selling information. The descriptions varied by manufacturer, but the overall picture is consistent: modern vehicles are equipped to record where drivers go, how they drive, and in some cases what they say inside the cabin, often tying this information to a customer account or vehicle identification number. The fact that automakers describe offering user controls does not resolve the core tension. If default settings favor data collection and opt-out mechanisms are difficult to find or require extra steps (such as multi-screen menus or separate mobile apps), the practical effect may be that many drivers never exercise those controls. This is the gap the GM enforcement action exposed: the difference between offering a theoretical choice and obtaining genuine, informed agreement.
Why “Anonymized” Data Offers Less Protection Than Promised
One of the most common industry defenses is that collected data is anonymized before it leaves the vehicle or the automaker’s servers. This framing suggests that even if a car records granular location trails, no one can trace those trails back to an individual driver. Research challenges that assumption directly. A study discussed by a major newspaper found that anonymized datasets can frequently be re-identified, meaning that stripping names and account numbers from a dataset does not prevent someone from matching patterns back to a specific person. When the dataset in question includes precise geolocation, the re-identification risk is particularly high because location trails, daily routines, and visit patterns are effectively unique to each individual.
Applied to the automotive context, this means that even when automakers claim they strip identifying information before sharing driving data with third parties, the resulting datasets may still function as personal records. A daily commute pattern, combined with home and workplace coordinates, can identify a driver as reliably as a name, and repeated trips to particular locations can reveal health conditions, political affiliations, or religious practices. The FTC’s enforcement framing around GM emphasized precisely this point: location data is sensitive because of how much it reveals about a person’s life, habits, and associations. Anonymization promises do not eliminate that sensitivity. They merely add a processing step that researchers have shown to be reversible in many real-world conditions, especially when data buyers can cross-reference multiple sources.
The Consent Illusion in Connected Vehicles
The structural problem with automotive data collection is not that consent mechanisms are entirely absent. It is that they are designed in ways that produce high opt-in rates regardless of whether drivers understand what they are agreeing to. When a buyer activates a new vehicle’s infotainment system for the first time, the setup flow typically bundles connectivity features, navigation, and entertainment together with data-sharing permissions. Declining the data terms often means losing access to features the buyer considers part of the product they already paid for, such as live traffic routing or emergency assistance. This creates a dynamic where consent is technically present but functionally coerced, because the alternative is driving a significantly degraded version of the car.
The automaker responses compiled by Senator Markey’s office describe these consent frameworks in favorable terms, emphasizing that customers can manage their preferences and contact support to change settings. But the GM enforcement action tells a different story about how those frameworks operate in practice. According to the FTC, the company allegedly collected and sold data without adequate notice and affirmative consent, suggesting that whatever controls existed did not meet the agency’s standard for meaningful consumer choice. The distance between “we offer privacy settings” and “we obtained informed consent” is where most of the risk to drivers actually lives. Until regulators or legislators close that gap with enforceable standards around default settings, data minimization, and clear opt-in screens, the burden falls on individual vehicle owners to actively investigate and manage their own data exposure.
What Drivers Can Do Right Now
For anyone who owns or leases a connected vehicle, the most immediate step is to review the infotainment system’s privacy and data-sharing settings. These menus may be located under headings like “Connectivity,” “Privacy,” or “Data Services,” and they often control whether location and driving behavior are transmitted to the manufacturer or its partners. Turning off non-essential data sharing, disabling personalized ads, and restricting location access to essential safety functions can significantly reduce how much information leaves the car. Drivers should also periodically review any companion smartphone apps tied to their vehicle, since app permissions can silently expand what is collected and shared beyond what appears on the dashboard screen.
Another crucial step is to treat the car like a rolling smartphone when it comes to stored personal information. Many drivers sync their contacts, call logs, messages, and app accounts to the vehicle’s system and never remove them. The FTC has warned that before selling or returning a vehicle, owners should follow guidance on how to clear personal data from onboard systems, including deleting paired devices and saved locations. Even if a vehicle is not changing hands, routinely pruning stored profiles and disabling automatic uploads can limit the fallout if a car is hacked, repossessed, or accessed by an unauthorized person. Taken together, these defensive measures do not fix the structural problems regulators have identified, but they give individual drivers more control in an ecosystem where consent is often treated as a box to check rather than a meaningful choice.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
