Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Senators Criticize OnStar’s New Auto Tracking Policy

A decision by OnStar to continue tracking drivers with the company’s GPS technology even after they have cancelled service has drawn the ire of privacy advocates.

A decision by OnStar to continue tracking drivers with the company’s GPS technology even after they have cancelled service has drawn the ire of privacy advocates.

Under the new policy, drivers who cancelled their subscription-based service will have their location and speed automatically tracked and would have to opt-out of the program to stop it. In addition, OnStar said it reserves the right to sell driver data collected on current and former customers to third-parties.

The policy change has drawn a chorus of critics, including Sen. Charles Schumer, D-NY, who sent a letter to the Federal Trade Commission (FTC) requesting it launch an investigation into OnStar.

“By tracking drivers even after they’ve cancelled their service, OnStar is attempting one of the most brazen invasions of privacy in recent memory,” Schumer said in a statement. “I urge OnStar to abandon this policy and for FTC to immediately launch a full investigation to determine whether the company’s actions constitute an unfair trade practice.”

According to reports, OnStar has contended that maintaining the two-way connection with customers’ vehicles enables the company to alert drivers about severe weather conditions as well as updated warranty data or recall issues. A OnStar spokesperson told the Associated Press Sept. 25 that while it reserves the right to share or sell data on customers’ speed, location and other information, it hasn’t done so and has no plans to.

Millions of drivers across America use OnStar’s GPS technology, which can be leveraged to track drivers and provide them with alternate driving routes and emergency response in the event of an accident. But given recent research on how hackers can target cars for nefarious purposes, the prospect of people sharing information about their vehicles inadvertently is likely to raise eyebrows.

“Nothing is more important than the safety and security of you and your family,” OnStar wrote in its announcement of the policy change. “At OnStar, we apply that belief to every aspect of our business, including the protection of your personal information. You have a right to be confident your information is kept secure and to understand our privacy practices, specifically, what information we gather, with whom we share that information, how we use that information to make your driving experience safer and more convenient, and what we do to protect your information.”

Sen. Schumer is not the only politician to jump into the fray. Senators Al Franken (D-MN) and Chris Coons (D-DE) sent a letter to OnStar criticizing the company for its decision.

“OnStar’s actions appear to violate basic principles of privacy and fairness for OnStar’s approximately six million customers—especially for those customers who have already ended their relationships with your company,” the two senators wrote in their letter. “…We believe that OnStar’s actions underscore the urgent need for prompt congressional action to enact privacy laws that protect private, sensitive information like location. In the meantime, we believe that it is the responsibility of corporate citizens like OnStar to take every step possible to safeguard the privacy of their customers.”

Written By

Click to comment

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...