Skip to main content

Independent journalism powered by readers like you.

Sign Up Free

How Connected Cars Became the Worst Privacy Nightmare: 25GB of Data Per Hour

highongoingBy OPV Investigations||10 min read

Modern connected vehicles generate approximately 25 gigabytes of data per hour of driving, capturing location, speed, acceleration, braking, steering inputs, voice commands, phone connections, and in some vehicles, cabin camera footage and biometric data. Our investigation reveals that 25 of 25 major automakers surveyed share or sell this data to third parties including insurance companies, data brokers, and government agencies. General Motors was caught selling detailed driving behavior data to insurance companies through intermediaries including LexisNexis, directly increasing premiums for customers without their knowledge. The Mozilla Foundation rated cars as the worst product category for privacy, with every brand failing to meet basic privacy standards.

The Data Generation Machine

A modern connected vehicle is equipped with an average of 100-150 electronic sensors that continuously monitor the vehicle and its environment. These sensors generate approximately 25 gigabytes of data per hour of driving, including precise GPS coordinates updated multiple times per second, accelerometer data recording every acceleration and braking event, steering angle and input patterns, cabin microphone recordings for voice assistants, connected phone contacts and call logs, and in newer vehicles, interior camera footage intended for driver monitoring systems. This data is transmitted to automaker servers through cellular connections that operate independently of the driver's phone. Unlike a smartphone, where users can adjust privacy settings and control app permissions, vehicles offer minimal user control over data collection. Most data collection cannot be disabled without also disabling essential vehicle functions like navigation and emergency services.

The GM-LexisNexis Insurance Scandal

In 2024, reporting revealed that General Motors had been sharing detailed driving behavior data with LexisNexis and Verisk, data analytics companies that supply information to insurance companies. The data included trip-level details of acceleration, braking, and speed for individual GM customers. Insurance companies used this data to adjust premiums, with some customers reporting increases of 20-40% after purchasing a new GM vehicle. GM enrolled customers in its OnStar Smart Driver program, often through dealer-configured opt-in during vehicle purchase, without adequately disclosing that driving data would be shared with insurance-adjacent companies. After the practice was exposed, GM discontinued the data sharing program, but the data already transferred to LexisNexis and Verisk remains in their databases. Lawsuits have been filed in multiple states alleging that GM violated state privacy laws and consumer protection statutes by failing to obtain meaningful consent.

Industry-Wide Privacy Failures

The GM scandal is not an outlier but rather a symptom of industry-wide privacy failures. The Mozilla Foundation's Privacy Not Included project evaluated all 25 major car brands and gave every single one a warning label for privacy practices. Common issues include collecting more data than necessary for vehicle operation, sharing data with third parties for marketing and monetization, using vague privacy policies that provide blanket consent for undefined future uses, and lacking meaningful opt-out mechanisms. Tesla's cabin cameras capture video that is transmitted to Tesla servers, with the company's privacy policy granting it broad rights to use this footage. Hyundai and Kia's connected car policies claim the right to collect information about your sexual life. Toyota's privacy policy states it may share data with affiliated companies and service providers. The fundamental problem is that connected vehicles are designed primarily as data collection platforms with transportation as a secondary feature.

Key Findings

  • Modern connected vehicles generate approximately 25 gigabytes of data per hour, including detailed location, driving behavior, and biometric information.
  • All 25 major car brands received failing grades for privacy from the Mozilla Foundation, making cars the worst product category for privacy.
  • GM shared driving behavior data with LexisNexis and Verisk, leading to insurance premium increases of 20-40% for some customers without their knowledge.
  • Most vehicle data collection cannot be disabled without disabling essential functions, providing drivers minimal control over their privacy.

Timeline

Mozilla Foundation rates all 25 major car brands as privacy failures in Privacy Not Included review.

New York Times reports GM sharing driving data with LexisNexis for insurance industry use.

GM discontinues OnStar Smart Driver data sharing program following public backlash.

FTC opens investigation into automotive industry data collection and sharing practices.

Affected Parties

Approximately 280 million registered vehicle owners in the United StatesDrivers unknowingly subject to insurance premium adjustments based on vehicle dataPassengers in connected vehicles generating data without consentIndependent auto repair shops denied access to vehicle data

SeekerPro

Unlock Premium Intelligence. $15.99/mo. Cancel anytime.

Learn more →

NexusBro

Audit any website in 60 seconds. Free QA report.

Learn more →

BliniBot

AI task automation. 5 free queries. No signup.

Learn more →

Related Investigations

Clearview AI's 40 Billion Face Database: The Surveillance Tool Police Won't Stop UsingThe $350B Data Broker Industry: How Your Location Is Sold 487 Times Per DayYour Smart TV Is Watching You: Samsung, LG, and Vizio Collect 7,000 Data Points DailyPeriod Tracking Apps Shared Data With Law Enforcement in Post-Roe ProsecutionsLinkedIn's Data Paradox: Your Resume Powers a $15B Data Business You Never Consented To23andMe's DNA Data Crisis: 14 Million Genetic Profiles at Risk After Bankruptcy FilingGoogle Ad Monopoly: DOJ Antitrust Case Exposes $200B Digital Ad EmpireMeta's Post-Cambridge Analytica Failures: $5B Fine Did Nothing to Stop Data AbuseAmazon's Secret Weapon: How Marketplace Seller Data Fuels Amazon Basics DominationApple's 30% App Store Tax: A $22B Annual Toll on Developers and Consumers

Explore Across Platforms

NexusBroAudit Your Website PrivacyNoizzPrivacy Tool Ratings

Frequently Asked Questions

What data does my car collect about me?
Modern connected vehicles collect an extensive range of data including precise GPS location updated multiple times per second, driving behavior data such as speed, acceleration, braking, and steering patterns, voice commands and cabin audio through built-in microphones, phone contacts and call logs from connected devices, navigation destinations and search queries, and in some vehicles, interior camera footage and biometric data. This data totals approximately 25 gigabytes per hour of driving. Most of this collection occurs continuously and cannot be disabled without affecting essential vehicle functions.
Can my car data affect my insurance rates?
Yes, car data can and has affected insurance rates. The GM-LexisNexis scandal revealed that detailed driving behavior data was shared with insurance industry analytics companies, leading to premium increases of 20-40% for some customers. Even after GM discontinued its data sharing program, similar practices continue across the industry. Insurance companies increasingly use telematics data from connected vehicles to assess risk and adjust premiums. Some usage-based insurance programs explicitly collect driving data, but the GM case demonstrated that data can also flow to insurers through indirect channels without drivers explicit awareness.
How can I limit the data my car collects?
Options for limiting vehicle data collection are unfortunately limited. You can decline or cancel connected services like OnStar or similar telematics subscriptions, though this may disable features including emergency calling. Avoid connecting your phone to the vehicle infotainment system, or use a burner phone for connections. Review and adjust privacy settings in the vehicle's infotainment menu, though available options are typically minimal. For some vehicles, aftermarket devices can block cellular data transmission, but this may void warranties and disable safety features. Fundamentally, the automotive industry has designed data collection as a core vehicle function, making meaningful opt-out difficult without industry reform or regulation.

SeekerPro

Unlock Premium Intelligence. $15.99/mo. Cancel anytime.

Learn more →

NexusBro

Audit any website in 60 seconds. Free QA report.

Learn more →

BliniBot

AI task automation. 5 free queries. No signup.

Learn more →

Sources

Stay informed. Take action.

Join the community holding corporations accountable.

Join 23,000+ readers who trust OPV for independent analysis

Get SeekerPro — $15.99/moSign Up FreeExplore Trending Stories

Cancel anytime. No commitment required.

Tools We Recommend

Is your website performing?

Free AI-powered QA audit. Find and fix issues in minutes.

Run Free Audit

Automate your marketing

AI-powered content creation, scheduling, and analytics.

Try Free

AI assistant that acts

Chat, automate tasks, browse the web. Your AI agent.

Chat Now

Want the Full Story?

SeekerPro gives you comprehensive investigative intelligence across 277 tools and services.

Try SeekerPro Free for 14 Days

$15.99/mo after trial. Cancel anytime.

Get the Inside Scoop

Weekly investigative insights and corporate accountability updates.

No spam. Unsubscribe anytime.

Visit Blossend.com →

Explore the full portfolio of independent AI tools and editorial properties at blossend.com.