GM Settles FTC Data Privacy Concerns: Impact on Insurance Practices

General Motors (GM) recently settled with the Federal Trade Commission (FTC) over concerns regarding data privacy practices linked to its OnStar Smart Driver program. The New York Times investigation revealed that GM had sold customer data, such as geolocation and driving habits, without explicit consent. This data, including details like speed and braking behavior, was sold to entities such as LexisNexis Risk Solutions and Verisk, potentially for insurance risk assessment and rate setting, impacting underwriting and claims practices.

Following these revelations, GM discontinued the OnStar Smart Driver program. As per the settlement, GM is barred from selling such data to consumer reporting agencies for five years. Additionally, GM has committed to securing explicit customer consent before collecting, using, or sharing connected vehicle data for the next 20 years. These moves highlight the growing importance of regulatory compliance requirements and consumer data protection in the industry.

The collection and use of driver data extend beyond GM, as other automakers also gather such information, often leaving consumers unaware of the extent of data sharing defined in privacy agreements. Notably, the Michigan Department of Insurance and Financial Services (DIFS) clarified that there are no restrictions against utilizing third-party data for setting auto insurance rates in Michigan. DIFS is committed to collaborating with national regulators to stay abreast of technological advancements and to enhance oversight of telematics in insurance ratemaking and risk management.

Insurance professionals must stay informed about the heightened scrutiny on telematics data usage and the potential changes in regulatory frameworks affecting data-driven insurance practices. Ensuring compliance with new standards and obtaining proper customer consent remain vital for industry stakeholders navigating these complex, evolving landscapes.