The FTC alleged that General Motors and its OnStar subsidiary collected and sold drivers' precise geolocation and driving behavior data (e.g., hard braking, speeding) to consumer reporting agencies without adequately notifying consumers or obtaining their affirmative consent. A proposed consent order bans the companies from disclosing this sensitive data to consumer reporting agencies for five years and requires them to implement clearer consent mechanisms, data access/deletion processes, and opt-out options.
The proposed order prohibits GM and OnStar from misrepresenting their data practices, bans disclosure of covered driver data to consumer reporting agencies for five years, requires affirmative express consent prior to collecting connected vehicle data (with limited exceptions), mandates a process for consumers to access and delete their data, and requires providing consumers the ability to disable precise geolocation collection and opt-out of geolocation/driver behavior data collection.
Entity
General Motors LLC, General Motors Holdings LLC, and OnStar LLC
Also known as: General Motors
Industry
AutomotiveOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-takes-action-against-general-motors-sharing-drivers-precise-location-driving-behavior-data
242 3052 general motors decisionandorder
https://www.ftc.gov/system/files/ftc_gov/pdf/242_3052_-_general_motors_decisionandorder.pdf
242 3052 general motors complaint
https://www.ftc.gov/system/files/ftc_gov/pdf/242_3052_-_general_motors_complaint.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
$18.0M
Consumer fraud enforcement action where the FTC settled with Air AI for misleading entrepreneurs with false earnings and refund guarantees. The company will be banned from marketing business opportunities and pay a suspended $18 million judgment with $50,000 for consumer relief. Violations included failure to provide required disclosures and false claims under the Telemarketing Sales Rule and Business Opportunity Rule.
$17.0M
Consumer fraud enforcement action where the FTC settled with Xponential Fitness for violating the Franchise Rule by misrepresenting key information to franchisees, including time to open and costs. The settlement includes a $17 million monetary judgment for redress and prohibits future misrepresentations.
Consumer fraud and advertising enforcement action where the FTC sent warning letters to 97 auto dealership groups for deceptive pricing practices, such as advertising prices that exclude mandatory fees, misleading consumers about total costs. The letters stress the need for truthful and transparent pricing in the automotive industry.
$100.0M
The FTC and 11 states settled with Walmart for $100 million over deceptive earnings claims in its Spark Driver gig worker app, where drivers were misled about base pay, tips, and incentives. The settlement also addressed GLBA violations for failing to provide proper notice regarding the handling of drivers' financial information. Walmart must implement an earnings verification program and is banned from misrepresenting driver earnings.
The FTC issued a policy statement announcing it will not enforce COPPA against operators that collect age verification data under specific conditions. The policy aims to encourage the use of age verification technologies to protect children online. Operators must limit data use, ensure security, provide notice, and use accurate verification methods.
The FTC issued a policy statement announcing that it will not enforce the COPPA Rule against website and online service operators that use age verification technologies solely to determine user age, provided they comply with conditions such as limiting data use, ensuring security, and providing clear notice. This policy aims to incentivize age verification tools to protect children online.