The FTC alleged that General Motors and its OnStar subsidiary collected and sold drivers' precise geolocation and driving behavior data (e.g., hard braking, speeding) to consumer reporting agencies without adequately notifying consumers or obtaining their affirmative consent. A proposed consent order bans the companies from disclosing this sensitive data to consumer reporting agencies for five years and requires them to implement clearer consent mechanisms, data access/deletion processes, and opt-out options.
The proposed order prohibits GM and OnStar from misrepresenting their data practices, bans disclosure of covered driver data to consumer reporting agencies for five years, requires affirmative express consent prior to collecting connected vehicle data (with limited exceptions), mandates a process for consumers to access and delete their data, and requires providing consumers the ability to disable precise geolocation collection and opt-out of geolocation/driver behavior data collection.
In-house legal teams should review all vendor agreements (particularly with data brokers or consumer reporting agencies), customer-facing terms of service/privacy policies, and data processing agreements. Focus on clauses governing data sharing, consent mechanisms (especially for sensitive data like precise geolocation and driving behavior), opt-out rights, data retention, and disclosures to third parties. Changes needed include: adding explicit, affirmative consent requirements for collecting and sharing sensitive connected vehicle data; prohibiting disclosure of such data to consumer reporting agencies for five years; implementing clear, accessible opt-out processes; establishing robust data access and deletion procedures; and ensuring enrollment processes are not misleading.
Entity
General Motors LLC, General Motors Holdings LLC, and OnStar LLC
Also known as: General Motors
Industry
AutomotiveOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-takes-action-against-general-motors-sharing-drivers-precise-location-driving-behavior-data
242 3052 general motors decisionandorder
https://www.ftc.gov/system/files/ftc_gov/pdf/242_3052_-_general_motors_decisionandorder.pdf
242 3052 general motors complaint
https://www.ftc.gov/system/files/ftc_gov/pdf/242_3052_-_general_motors_complaint.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
"General Motors LLC, General Motors Holdings LLC, and OnStar LLC"
"GM failed to clearly disclose that it collected consumers’ precise geolocation and driving behavior data and sold it to third parties, including consumer reporting agencies, without consumers’ consent."
"GM monitored and sold people’s precise geolocation data and driver behavior information, sometimes as often as every three seconds."
"The proposed order would prohibit GM and OnStar from misrepresenting information about how they collect, use, and share consumers’ location and driver behavior data."
"The proposed order would ban GM and OnStar from disclosing consumers’ geolocation and driver behavior data to consumer reporting agencies for five years from the date the order is entered."
"The companies must obtain affirmative express consent from consumers prior to collecting connected vehicle data, with some exceptions such as providing location data to emergency first responders."
The FTC sent warning letters to 12 companies offering 'nudify' tools that generate nonconsensual intimate images, for failing to comply with the TAKE IT DOWN Act (TIDA) by not providing a mechanism for victims to request removal of such content. The letters urge immediate compliance with TIDA, which requires platforms to remove nonconsensual intimate images within 48 hours of a valid request. Noncompliant companies may face future legal action and civil penalties of up to $53,088 per violation.
The FTC began enforcing the TAKE IT DOWN Act on May 19, 2026, a law requiring covered platforms to establish a process for victims to request removal of nonconsensual intimate images and delete such content within 48 hours of a valid request. The agency launched a consumer complaint portal, issued compliance guidance for businesses and consumers, and sent reminder letters to major platforms including Meta, TikTok, and X about their obligations under the law. No specific penalties or enforcement actions against individual companies were announced in this release.
$6.5M
A federal court held Cliq Inc. and its executives Andrew Phillips and John Blaugrund in civil contempt for multiple violations of a 2015 FTC order requiring the payment processor to prevent enabling consumer fraud. The court found the defendants facilitated fraud by processing transactions for high-risk merchants, avoiding fraud monitoring, failing to conduct required underwriting, and ignoring chargeback thresholds. The court imposed $6.5 million in civil contempt sanctions against the defendants.
$795.8M
The FTC and State of Nevada settled charges with lead defendants of the IM Mastery Academy MLM scheme, including Chris and Isis Terry and their affiliated companies, over false earnings claims used to promote financial training programs and a multi-level marketing venture. The stipulated order imposes a $795.8 million judgment, with defendants surrendering nearly $90 million in assets including luxury real estate, vehicles, jewelry, and a yacht, totaling over $100 million with prior judgments from other involved defendants. The order also bans defendants from selling trading-training services, prohibits false earnings claims, and restricts deceptive practices including negative-option misrepresentations and telemarketing violations.
The FTC and State of Illinois, via the Department of Justice, filed a complaint against B.E.S.T. GDR LLC (d/b/a Premium Home Service) and its owner Yosef Bernath for creating thousands of fake home repair business listings with fabricated five-star reviews to deceive consumers. The defendants allegedly routed consumer calls to unqualified representatives, arranged for unlicensed technicians, and violated the FTC Act, Reviews and Testimonials Rule, Gramm-Leach-Bliley Act, and Illinois consumer protection laws. No monetary penalty has been imposed yet as the case is in initial filing stages.
Federal Trade Commission Chairman Andrew N. Ferguson sent letters to over a dozen major technology companies reminding them of their obligation to comply with the Take It Down Act (TIDA) by May 19, 2026. TIDA requires covered platforms to establish a process for victims, including children, to request removal of nonconsensual intimate images, with takedown of content and all identical copies required within 48 hours of a valid request. The FTC also issued supplemental guidance to help companies prepare for compliance and warned that it will monitor and enforce violations of the law.