Your Car Is Watching: The FTC Just Proved It
You know that uneasy feeling when you realize your phone knows too much? Well, buckle up—your car has been taking notes too. In early 2025, the Federal Trade Commission dropped a bombshell: General Motors had been sharing drivers' precise location data and detailed driving behavior with third parties, all without proper consent. The settlement was significant—$10 million in refunds to affected drivers and strict new privacy rules.
But here's what really matters in 2026: this wasn't just about GM. This was the shot across the bow for the entire automotive industry. That Reddit discussion you saw? Those 961 upvotes and 37 comments captured exactly what privacy-conscious drivers have suspected for years. Our vehicles have become rolling data collection platforms, and most of us had no idea just how much information was being harvested—or sold.
In this deep dive, we'll unpack exactly what GM was doing, why it matters for every driver (not just GM owners), and most importantly, what you can actually do about it. I've been testing vehicle privacy for years, and what I've found might surprise you—but it doesn't have to leave you powerless.
The Data Goldmine Under Your Hood
Let's start with the basics. What exactly was GM collecting? According to the FTC complaint, we're talking about precise location data (we're talking within feet of accuracy), driving behavior (hard braking, rapid acceleration, speeding), and even when and where you parked. This wasn't just occasional pings—this was continuous, detailed surveillance of your movements.
Now, here's where it gets interesting. GM claimed this data collection was for "vehicle functionality" and "improving services." Sounds reasonable, right? But the FTC found they were sharing this data with insurance companies, data brokers, and marketing firms. That's the real issue—the disconnect between what drivers thought was happening and what was actually happening with their data.
From what I've seen testing various connected car systems, this practice is disturbingly common. Most modern vehicles with any connectivity—whether through built-in telematics or connected services like OnStar—collect far more data than drivers realize. The difference with GM was the scale and the lack of transparency about where that data was ending up.
Why Removing CarPlay and Android Auto Matters
Remember that Reddit comment about GM removing CarPlay and Android Auto? That wasn't just speculation—it's central to understanding the business model here. When you use CarPlay or Android Auto, your phone handles the infotainment. The car is basically just a display. But when the car manufacturer controls the entire infotainment stack? That's when they can collect data directly.
GM's move to their own Ultifi platform wasn't just about user experience. It was about data control. With their own system, they could track everything: what music you listen to, what destinations you search for, what apps you use, and how you interact with the system. That's valuable behavioral data that can be packaged and sold.
I've tested both integrated systems and phone-based systems, and the difference in data collection is stark. When your phone runs the show, Apple or Google gets the data (which has its own privacy implications, sure). But when the car manufacturer runs the show? They get first dibs on everything, and as we've seen with GM, they're not always transparent about what happens next.
The Insurance Connection You Didn't Know About
This is where things get really personal. The FTC found GM was sharing driving behavior data with insurance companies. Think about that for a second. Your hard braking on that rainy Tuesday? That could be affecting your insurance rates without you even knowing it.
Most people think of "usage-based insurance" as something you opt into—you install a dongle or use an app, and you get a discount for safe driving. But what GM was doing was different. They were sharing this data regardless of whether drivers had opted into any insurance program. Your car was essentially tattling on you, and you might never have known.
In my experience reviewing various telematics systems, the granularity of this data is shocking. We're not just talking "speeding" versus "not speeding." We're talking specific acceleration patterns, cornering forces, time of day driving, and even ambient conditions. This creates a incredibly detailed profile of you as a driver—one that's worth serious money to insurance companies.
Will Other Automakers Face the Same Fate?
That Reddit commenter hoping this would be a "template" for action against other manufacturers? They're onto something. The FTC's action against GM sets a clear precedent. Other automakers are absolutely watching this closely, and many are likely reviewing their own data practices right now.
Here's what I think will happen in 2026 and beyond: we'll see more scrutiny of automotive data practices across the board. The European Union's GDPR already treats vehicle data as personal data, and California's privacy laws are getting tougher too. GM was likely just the first domino to fall.
The key question is whether other manufacturers will proactively change their practices or wait to get caught. Based on what I've seen in the industry, most will take a "wait and see" approach unless forced. That's why driver awareness and pressure matter so much right now.
Practical Steps to Protect Your Driving Privacy
Okay, enough about the problem—let's talk solutions. What can you actually do to protect your privacy in your vehicle? Here are concrete steps that work:
First, dig into your vehicle's privacy settings. Most modern cars have them buried in the infotainment system. Look for "data sharing," "privacy controls," or "connected services" settings. Turn off everything you don't absolutely need. Yes, this might disable some features, but ask yourself: is remote start worth your location being tracked constantly?
Second, consider using a standalone GPS instead of your car's built-in navigation. I know, it's less convenient. But standalone GPS units don't phone home with your location data (at least not to your car manufacturer). Garmin DriveSmart 65 is a solid option that keeps navigation separate from your vehicle's data collection.
Third, if your car has a built-in cellular connection (like GM's OnStar), consider whether you really need it active. Many of these services have subscription fees anyway. Disconnecting might save you money and privacy.
The Bluetooth and Phone Data Loophole
Here's something most people miss: even if you're using CarPlay or Android Auto, your car might still be collecting data through Bluetooth. When your phone pairs with your car, it often shares metadata about your device, contacts, and sometimes even message previews.
I've tested this with various vehicles, and what gets shared varies wildly by manufacturer. Some are relatively respectful; others are shockingly invasive. The solution? Don't sync your contacts. Use Bluetooth only for audio, not for full integration. And regularly clear paired devices from both your phone and your car.
Another pro tip: create a separate profile or guest account on your car's system if it allows multiple users. Use that for general driving rather than your main profile. It won't stop all data collection, but it can help anonymize some of your activity.
What About Older Cars and Aftermarket Solutions?
If you're driving an older vehicle without built-in connectivity, congratulations—you're already ahead on privacy. But what if you want modern features without the surveillance? Aftermarket solutions exist, but you need to choose carefully.
Aftermarket infotainment systems can be a mixed bag. Some are actually better about privacy than OEM systems because they're not tied to a manufacturer's data monetization strategy. Others are worse. Look for systems that explicitly state their privacy policies and allow you to disable data collection.
For basic connectivity, consider a simple Bluetooth receiver that plugs into your aux port. MPOW Bluetooth Receiver gives you wireless audio without deep integration with your vehicle's systems. It's not fancy, but it gets the job done without compromising your privacy.
Common Mistakes Drivers Make (And How to Avoid Them)
Let's address some frequent privacy missteps I see:
Mistake #1: Clicking "agree" on everything during setup. When you first get a new car or use a new feature, take five minutes to actually read what you're agreeing to. Look for opt-out options buried in the terms.
Mistake #2: Assuming factory reset fixes everything. It doesn't. Your data may already be in the cloud. Before selling or trading in a vehicle, contact the manufacturer to request data deletion—and get it in writing.
Mistake #3: Using connected services "just to try them." Once your data is out there, you can't take it back. Test features in a privacy-conscious way, or better yet, research what data they collect before enabling anything.
FAQ: "Can I completely disable all data collection?" Probably not, if you want modern safety features like automatic crash notification. But you can minimize it dramatically by disabling non-essential connected services.
The Future of Automotive Privacy
Where does this go from here? In 2026, I expect we'll see more regulatory action, more consumer awareness, and hopefully, more transparency from automakers. The GM settlement includes requirements for clear privacy disclosures and affirmative consent for data sharing—that's a good start.
But real change will come from drivers demanding better. When you're shopping for a vehicle in 2026, ask about privacy. Read the fine print. Consider privacy as important as fuel economy or safety ratings. Because in a connected world, privacy is safety.
The automotive industry is at a crossroads. They can continue treating drivers as data points to be monetized, or they can build trust through transparency and respect. The FTC's action against GM shows which path regulators prefer. Now it's up to us as drivers to show which path we prefer—with our voices, our settings, and our purchasing decisions.
Your car should take you places, not take your data. Remember that the next time you get behind the wheel.
