What they're not telling you: # GM's $12.75M Settlement Exposes the Silent Data Marketplace Hidden Inside Your Car General Motors has agreed to pay $12.75 million to OnStar subscribers to brokers" style="color:#1a1a1a;text-decoration:underline;text-decoration-style:dotted;font-weight:500;">California authorities after an investigation revealed the automaker systematically sold precise location and driving behavior data harvested from OnStar subscribers to data brokers—without adequately disclosing the practice or obtaining explicit consent. The settlement, which resolved claims that GM violated California's consumer protection laws, marks a rare instance of a major automaker facing consequences for weaponizing vehicle telematics. OnStar, GM's connected car service, collects granular information about where subscribers drive, when they drive, how fast they travel, and patterns of movement that reveal intimate details about daily life.
# THE TAKE: GM's Data Mugging Gets a Parking Ticket GM sold your movement. Your destination. Your patterns. Then paid $12.75M—pocket change for a Fortune 500 company—to make it disappear. Let's be precise: this wasn't negligence. This was *business model*. OnStar subscribers thought they were buying roadside assistance. GM converted them into tradeable commodities, hawking their geolocation to insurance brokers, repossession firms, and data intermediaries. The perfect crime: monetize trust. The prosecution called it illegal. California's settlement proves it. But notice what didn't happen: criminal charges, executive indictments, or meaningful damages to victims. $12.75M amounts to regulatory theater—expensive enough to look serious, cheap enough to preserve shareholder value. GM admitted nothing. Paid quietly. Moved on. This is how corporate predation survives: settlements that cost less than advertising budgets, regulators satisfied with ransoms, and your location data already sold to the next buyer. The real story? They're *still doing it*.
What the Documents Show
California investigators determined this data stream was being monetized through third-party sales, transforming millions of vehicles into surveillance devices generating revenue for the manufacturer. The $12.75 million penalty suggests California's attorney general concluded the violation was systematic enough to warrant enforcement action, yet modest enough that it posed no existential threat to GM's operations. What distinguishes this case from routine privacy complaints is the mechanism of extraction. OnStar subscribers enrolled in a service ostensibly designed for emergency response and vehicle diagnostics. The data being sold to brokers—entities that aggregate and repackage consumer information for commercial purposes—extended far beyond what most consumers reasonably understood they were authorizing.
Follow the Money
Location data combined with driving patterns creates a behavioral profile more intimate than most people realize: it reveals medical appointments, romantic relationships, political affiliations, religious practice, and financial vulnerability. When aggregated across millions of vehicles, such data becomes a powerful tool for price discrimination, targeted advertising, and social manipulation. GM's willingness to monetize this stream reflects how thoroughly privacy has been subordinated to revenue extraction in the automotive industry. The mainstream coverage of this settlement has largely treated it as a discrete compliance failure—GM broke a rule, California caught them, they paid up. This framing obscures the systemic reality: data brokerage from connected vehicles isn't an abuse of a well-functioning system, but rather the intended business model operating exactly as designed. Manufacturers across the industry have built connected car platforms with full knowledge that the data exhaust would be valuable.
What Else We Know
The surprise isn't that GM sold data, but that California's investigation was thorough enough to generate sufficient evidence for enforcement action. Most states lack the resources or regulatory apparatus to investigate such practices at scale. The settlement also understates the ongoing risk. Paying $12.75 million is a cost of doing business for an automaker generating billions in annual revenue. The penalty structure creates no meaningful incentive for GM or competitors to restructure how they handle subscriber data. Until enforcement actions reach levels that actually threaten profitability—or until regulations mandate genuine opt-in consent with granular control over data uses—the monetization of vehicle telematics will continue.
Primary Sources
- Source: r/privacy
- Category: True Crime
- Cross-reference independently — don't take our word for it.
Disclosure: NewsAnarchist aggregates from public records, API feeds (Federal Register, CourtListener, MuckRock, Hacker News), and independent media. AI-assisted synthesis. Always verify primary sources linked above.