Texas AG Latest To Sue GM For Covertly Selling Driver Data To Insurance Companies
Last year Mozilla released a report showcasing how the auto industry has some of the worst privacy practices of any tech industry in America (no small feat). Massive amounts of driver behavior is collected by your car, and even more is hoovered up from your smartphone every time you connect. This data isn’t secured, often isn’t encrypted, and is sold to a long list of dodgy, unregulated middlemen.
Last March the New York Times revealed that automakers like GM routinely sell access to driver behavior data to insurance companies, which then use that data to justify jacking up your rates. The practice isn’t clearly disclosed to consumers, and has resulted in 11 federal lawsuits in less than a month.
Now Texas AG Ken Paxton has belatedly joined the fun, filing suit (press release, complaint) in the state district court of Montgomery County against GM for “false, deceptive, and misleading business practices”:
“Companies are using invasive technology to violate the rights of our citizens in unthinkable ways. Millions of American drivers wanted to buy a car, not a comprehensive surveillance system that unlawfully records information about every drive they take and sells their data to any company willing to pay for it.”
Paxton notes that GM’s tracking impacted 1.8 million Texans and 14 million vehicles, few if any of whom understood they were signing up to be spied on by their vehicle. This is, amazingly enough, the first state lawsuit against an automaker for privacy violations, according to Politico.
The sales pitch for this kind of tracking and sales is that good drivers will be rewarded for more careful driving. But as publicly-traded companies, everybody in this chain — from insurance companies to automakers — are utterly financially desensitized from giving anybody a consistent break for good behavior. That’s just not how it’s going to work. Everybody pays more and more. Always.
But GM and other automakers’ primary problem is they weren’t telling consumers this kind of tracking was even happening in any clear, direct way. Usually it’s buried deep in an unread end user agreement for roadside assistant apps and related services. Those services usually involve a free trial, but the user agreement to data collection sticks around.
One annoying thing is that Republicans like Paxton (and many Democrats) have fought tooth and nail against passing comprehensive federal or state privacy protections, resulting in a wild west free for all when it comes to security and consumer privacy.
Corruption built this mess, and instead of striking at the roots of the problem (with a basic federal privacy law or the regulation of dodgy data brokers) politicians enjoy freaking out about singular instances of potential privacy abuse (TikTok comes quickly to mind). It’s a distraction from longstanding, corruption-fueled state and federal failures on privacy enforcement and consumer protection.
While a suit like this does have some useful deterrent effect, there’s simply no limit of companies doing some variant of what GM’s been doing (or worse), and most of them will never face anything close to any sort of accountability for it. In part because America’s too corrupt to pass comprehensive modern privacy laws, but we’ve steadily worked to defang and defund most U.S. consumer protection regulators, ensuring (quite intentionally) they lack the ability to police the problem at the scale it’s now occurring.