How’s My Driving? Just Ask Big Brother

Texas AG Goes After Deceptive Data Practices by Car and Insurance Companies

​Texas is already putting its data privacy statute, passed in 2024, to good use. Part of the state’s broader data privacy and security initiative is a recent lawsuit against General Motors that alleges the unlawful collection and sale of drivers’ data, including selling it to insurance companies that used it to raise insurance rates.
 
Texas Attorney General Ken Paxton also sued insurer Allstate and its Arity subsidiary for unlawfully collecting data on Texas drivers through their mobile apps.
 
Arguing that Texas drivers were unwittingly buying into a “comprehensive surveillance system,” General Paxton charges that, beginning in 2015, GM began collecting detailed data every time Texas drivers used their vehicles. According to the lawsuit:
​

• GM hid its data collection practices behind “onboarding” for products like OnStar Smart Driver.
• Coerced buyers to enroll by threatening to deactivate their vehicle safety features if they didn’t.
• Threw all manner of convoluted “disclosures” at customers (50-plus pages, delivered electronically) without clearly informing them of what was really happening.

But wait, there’s more! The lawsuit further alleges that GM:
​

• Sold that information (for princely sums) to companies, requiring them to build “telematics exchanges” to house the data and calculate driving scores.
• Required those data exchanges and driving scores to be licensed to insurance companies, with royalties to be paid to GM.
• Directed that calculated driving scores include “bad” behaviors such as driving late at night, turning sharply, hard braking, sudden acceleration, and driving over 80 mph.
• Fully knew that some insurance companies who were accessing the driving score data used it to increase monthly premiums, deny claims, or drop coverage.

The data GM collected and sold also allegedly included the date and duration of every drive, speed, seatbelt status, and more. What next? Recording our private conversations?
 
Obtaining consent is always a good idea, but burying it inside an interminable user agreement written in legalese appears to be at the heart of General Paxton’s case against GM. Fifty-plus pages of electronic gobbledygook full of dry product descriptions, confusing user terms and misleading “privacy notices” are the opposite of transparency. Imagine patients signing “I Agree” at the doctor’s office to give physicians the right to harvest their kidneys just because it happens to be in the fine print.
 
The reality is that we never read those interminable user agreements. “Direct” consent is what the law requires, and we hope lawsuits like this one will bring common-sense standards to bear on what has become a completely unwieldy, impractical, and utterly unfair business practice.

DONATE & HELP PROTECT YOUR PRIVACY RIGHTS