Automakers Sold Driver Data to Third Parties Including Data Brokers, Senators Say

The customer data were sold for just a few cents per car, which the senators said was ‘particularly insulting.’
Automakers Sold Driver Data to Third Parties Including Data Brokers, Senators Say
GMC Hummer EVs at General Motors' Factory ZERO electric vehicle assembly plant in Detroit on Nov. 17, 2021. Nic Antaya/Getty Images
Naveen Athrappully
Updated:
0:00

Automakers are sharing “millions of Americans’ driving data” with data brokers without their consent, according to a letter sent by lawmakers to the Federal Trade Commission (FTC) that called for an investigation into the matter.

The July 26 letter from Sens. Ron Wyden (D-Ore.) and Edward J. Markey (D-Mass.) pointed to an investigation conducted by Wyden’s office of three auto manufacturers—General Motors (GM), Honda, and Hyundai. The firms were found to have shared driver data such as acceleration and braking info to data broker Verisk Analytics, which has clients in sectors such as insurance.

The company used to sell a product that rated drivers on their safe driving habits. Data were sourced from internet-connected cars, with automakers sharing the information with Verisk.

Verisk used these data to prepare driving behavior history reports that were sold to auto insurance firms. The company stopped selling the product after media outlets reported on the issue earlier this year.

“If the FTC determines that these companies violated the law, we urge you to hold the companies and their senior executives responsible,” the letter reads.

According to information GM provided to Wyden’s office, the company “failed to obtain informed consent from consumers before sharing their data, and used manipulative design techniques, known as dark patterns, to coerce consumers into enrolling in its Smart Driver program.”

The company did not disclose to customers that when they enroll in the Smart Driver program, “their driving data would be shared with data brokers and resold to insurance companies,” according to the letter.

Moreover, the car manufacturer shared the location data of all drivers who activated the internet in their vehicles, even when they had not enrolled in Smart Driver, the company told the senator’s office. This information was then distributed among other parties.

Meanwhile, Honda shared data from 97,000 cars with Verisk between 2020 and 2024. Honda was paid 26 cents per car, receiving $25,920. The company engaged in the practice “without obtaining informed consent from consumers.”

When customers signed up for Honda’s Driver Feedback program, they had to accept lengthy legal terms. While the company mentioned that the collected data would be sent to Verisk, this disclosure “did not appear on the first page“ and was ”not likely to be seen by many consumers,” the letter stated.

Hyundai sold the data from 1.7 million vehicles with Verisk between 2018 and 2024 for a total of $1.04 million.

When Hyundai customers wanted to enable internet connection in their cars, they had to click through a consent form. Like with other brands, Hyundai did not disclose that agreeing to the consent form and activating the internet would mean that their data would be shared with Verisk.

“The problematic practices we have uncovered and documented in this letter are likely just the tip of the iceberg,” the lawmakers wrote in the letter.

“Companies should not be selling Americans’ data without their consent, period. But it is particularly insulting for automakers that are selling cars for tens of thousands of dollars to then squeeze out a few additional pennies of profit with consumers’ private data.”

Company Responses

Responding to the letter, GM denied that it deceived customers into enrolling in the data-sharing program with Verisk. Data-sharing partnerships with Verisk and LexisNexis were canceled in March, and its data-sharing program called “Smart Driver” ended in June, GM stated.

“Data was only shared with an insurer if a customer initiated a quote directly with their chosen carrier and provided a separate consent to that carrier,” the email reads.

The company said it does share “de-identified” data with partners to aid city infrastructure and make roads safer.

In a statement, Hyundai said the senators’ letter mischaracterizes its data policies and that it has safeguards to make sure customers agree to sharing driving information with insurers.

Customers, it said, had the option to connect driving scores to their insurers through Verisk for possible benefits such as good-driving discounts.

“It is important to note that Verisk was not authorized by Hyundai or the customer to share the Drive Score data with insurers until the customer affirmatively consented to this on an insurer’s website or app,” Hyundai said.

Honda also said that customers had to opt into the program with Verisk. Some customers with good driving scores were given the chance to agree to discount offers from insurers.

“Without that clear second opt-in by the customer, no identifiable consumer information was shared with any insurance company,” Honda said.

The Epoch Times reached out to the automakers for comment.

Data Compromise

A September 2023 report from the Mozilla Foundation also warned that several automakers collected personal data from consumers and sold or shared data with third parties. Most car owners were unaware about the amount of private data that was being collected and how it was used.
A growing number of companies are seeking to gain access to car data. Car manufacturers collect data that are used for maintenance and road assistance. Navigation and in-vehicle infotainment companies have access to data related to driving, music, and third-party applications. Telecom operators that offer connectivity solutions can collect telematics data from the vehicle.

Among the many pieces of information that are routinely left in car memory are phone books, call logs, passwords, biometrics, text messages, navigation history, home addresses, third-party apps, vehicle credentials, garage door codes, medical information, and financial details.

The Biden administration is probing concerns about data collection from vehicles made by China.

“We’re looking at a few components and some software, not the whole car, but it would be some of the key driver components of the vehicle that manage the software and manage the data around that car that would have to be made in an allied country,” Alan Estevez, undersecretary of Commerce for Industry and Security, said during a recent forum.

“A modern car has a lot of software in it. It’s taking lots of pictures. It has a drive system. It’s connected to your phone. It knows who you call. It knows where you go. It knows a lot about you.”

The Associated Press contributed to the report.
Naveen Athrappully
Naveen Athrappully
Author
Naveen Athrappully is a news reporter covering business and world events at The Epoch Times.