By on September 25, 2011

Editor’s note: When I wrote about OnStar’s latest round of privacy concerns, I didn’t realize that the chairman of the Senate Judiciary subcommittee on privacy, technology and the law had voiced his own concerns in a letter published just the day before. Here is the letter, as published at Senator Franken’s website. OnStar has already said it will respond to specifically to the concerns of Senators Franken and Coons.

Ms. Linda Marshall, President
OnStar Corporation
400 Renaissance Center
Detroit, MI 48265

Dear Ms. Marshall:

We are writing to express our serious concern with OnStar’s announcement earlier this week that it would continue to track the GPS locations of its customers’ vehicles even if those customers have affirmatively ended their contractual plans with OnStar.  In this email announcement, OnStar informs its current and former subscribers that it reserves the right to track their locations “for any purpose, at any time.”  It appears that the only way to stop this tracking is to actually call OnStar and request that the data connection between OnStar and the vehicle be terminated; this service is not available online.  OnStar further reserves the right to share or sell location data with “credit card processors,” “data management companies,” OnStar’s “affiliates,” or “any third party” provided that OnStar is satisfied that the data cannot be traced back to individual customers.  See OnStar, Privacy Statement: Effective as of December 2011.  In a nutshell, OnStar is telling its current and former customers that it can track their location anywhere, anytime—even if they cancel their subscriptions—and then give or sell that information to anyone as long as OnStar deems it safe to do so.

OnStar’s actions appear to violate basic principles of privacy and fairness for OnStar’s approximately six million customers—especially for those customers who have already ended their relationships with your company.  OnStar’s assurances that it will protect its customers by “anonymizing” precise GPS records of their location are undermined by a broad body of research showing that it is extraordinarily difficult to successfully anonymize highly personal data like location.  See generally Paul Ohm, Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization, 5 UCLA Law Review 1701 (2010) and Marco Gruteser and Baik Hoh, On the Anonymity of Periodic Location Samples, in Second International Conference on Security in Pervasive Computing, Boppard, Germany (2005) at 179-192.  If a data set shows the exact location where a car starts every morning, the roads that car travels on its morning commute, the office where it is parked during business hours, and the schools where it stops on its way home, it is unnecessary for that data set to include a name or license plate for it to be connected to an individual and his or her family.

We urge you to reconsider these decisions.  We also urge you to better inform your customers of their ramifications.  To that end, we request that you provide answers to the following questions:

1.      Does OnStar believe that its actions comply with federal law?
2.      Will OnStar allow its customers to deactivate their data connections online?
3.      If a customer deactivates their data connection, will OnStar delete the existing location information they have gathered for that customer?  Or does OnStar reserve the right to store and sell that information regardless of deactivation?
4.      Has OnStar ever suffered a breach of its customers’ location data?
5.      Has OnStar ever suffered a breach of any of its customers’ private information?
6.      How will OnStar protect non-anonymized data on its servers in light of recent breaches at major institutions like Citibank, Sony and the International Monetary Fund?
7.      How exactly will OnStar anonymize its location data?
8.      Will OnStar seek its customers’ consent before sharing or selling their location data to third parties?  Does OnStar believe it is legally required to do so?
9.      Will OnStar inform its customers of the entities to whom it sells location data?
10.  Has OnStar already disclosed or sold any of its customers’ location data with third parties?  Which third parties?
11.  Will OnStar agree to stop the tracking, sharing, and sale of location data for customers that have ended their subscriptions to OnStar services?

We believe that OnStar’s actions underscore the urgent need for prompt congressional action to enact privacy laws that protect private, sensitive information like location.  In the meantime, we believe that it is the responsibility of corporate citizens like OnStar to take every step possible to safeguard the privacy of their customers.

We appreciate your prompt attention to this matter.

Sincerely,

Al Franken                                                                                          Christopher A. Coons
Chairman, Subcommittee on                                                               United States Senator
Privacy, Technology and the Law

Get the latest TTAC e-Newsletter!

50 Comments on “Senators Franken And Coons Question OnStar Over New Policies...”


  • avatar
    Educator(of teachers)Dan

    Maybe THIS is the Al Franken Decade.

  • avatar
    CJinSD

    Franken just doesn’t want OnStar listening while his goons are rigging elections.

    • 0 avatar
      ClutchCarGo

      Would you care to provide a reliable, independant citation for that allegation?

      • 0 avatar
        CJinSD

        By ‘reliable, independant(sic) citation,’ I assume you mean one of the left wing propagandists that you’ve farmed out your thinking to. Give me a list of who you can believe without exposing yourself to evidence that you’re on the wrong path and I’ll see what they’ve got on the subject.

      • 0 avatar
        acuraandy

        As a citizen of MN, HE DID RIG THE ELECTION by utilizing the out-of-state college student vote, as Minnesota’s election laws allow people to vote without ID, and with a simple vetting by a resident to an election judge. (P.S. Mark Dayton did the same thing)

        With that said, good for Sen. Frankenstein for bringing this up.

      • 0 avatar
        mike978

        CJ and acuraandy – the Franken case went to the MN Supreme Court (independent branch of government) and he won. The case did drag on for some time so it was well litigated. Republicans do have experience of litigating in-front of supreme courts in elections (George Bush Jr in 2000.)
        For every example or accusation of Democrats stealing elections there is an equal one of Republicans, whether it be reducing the polling hours, reducing early voting, no paper trail for vote counting machines and needing voter ID cards etc.
        CJ – you really think there are no right wing propagandists (or just ones yo have never disagreed with). At least you are not publicly saying you wish he would die horribly unlike you did on TTAC earlier this month about Lutz.

        Also Andy – surely the republicans would also have got out of state student, who happened to be in MN at the time of election (and therefore legally able to vote). So the election was not rigged,as that implies illegality which I am sure would have been brought up. I know you would shocked to learn that Republicans also alter rules to benefit groups more likely to vote for them (so disenfranchising minorities, students etc).

      • 0 avatar
        ClutchCarGo

        CJ, if you’ll forgive my typo I’ll forgive your smug, self-satisfied demeanor. I’m quite capable of handling my own thinking without resorting to the sneers and innuendo that you’re so fond of. As to reliable and independent, I’ll consider anything that’s been vetted by the legitimate authorities in the matter.

    • 0 avatar
      forraymond

      FLORIDA.

      • 0 avatar
        windswords

        Glad you bought my state up. In Florida they could not prove one case of election tampering. Congress tried to find a minority who was denied the right to vote and they could not find one. Then the newspapers went and counted the votes on their own and found out that Bush won the state (which is why you didn’t hear much about it – had been different it would have front page news for weeks). The only nefarious activity imho was the disenfranchising of the military vote, trying to throw the votes out on technicalities that were not under the control of the voters and had nothing to do with whether that person had the right to vote in the election and did in fact vote in time.
        I’m glad the Supreme Court saw thru Al Gore’s machinations in the selected recount and voted 7-2 to stop it in it’s tracks.

  • avatar
    MrWhopee

    Go Senator Franken, go! He’s definitely good enough, smart enough, and doggone it, people will like him if he keep doing good work for the public like this!

  • avatar
    Beerboy12

    Onstars’ greed and lack of integrity are bewildering. The question is, is this a case of if the customer is to obtuse to question the service they deserve to be spied on, or, is this a good argument for government regulation?

    • 0 avatar
      highdesertcat

      If you are concerned about being tracked, don’t buy a GM product. But ALL the manufacturers are eventually switching to some sort of tracking/monitoring device.

      Some time ago I watched GM shut down a stolen Tahoe on an Interstate and the owner did not even subscribe to On-Star. But the cops, using the owner’s name and information, told On-Star to shut down the vehicle in a controlled manner. And they did.

      Impressive to watch as the Tahoe slowed down in a gradual manner and eventually died on the side of the road with a bunch of cop cars behind it. So out of the driver side door pops…. a woman. A lady thief.

      It’s a sign of the times. All cars will eventually have this law-enforcement and tracking tool as standard equipment. Disabling it won’t work either because it will cripple the engine management system. Big Brother is watching us.

    • 0 avatar
      forraymond

      Government regulation is killing America if you payed attention to the recent “debates”.

      I guess all regulation is bad until it affects you…hypocrisy

    • 0 avatar
      mikedt

      There is little “difference between the government tracking people and private parties doing the same.” Since the government just buys the data or requests it via secret requests. In fact, in the few cases where the government is legally unable to collect the data, they just buy it. There’s no law against that.

      If the data is there, our government (federal/state/local) will get it. You can thank the ever lowering cost of data storage for that.

  • avatar
    ExPatBrit

    Onstar is welcome to do this to me.

    I think reimbursing me $50 a month as compensation would be fine.

    Otherwise I would be pulling the fuse on that gadget.

  • avatar
    John Horner

    Al Franken continues to impress as a Senator. He is smart, insightful, determined, and able to easily deal with hecklers. We could use a few more like him, and a few less who cut their teeth as lawyers. One troubling aspect of legal training is that a lawyer is taught to argue strongly for whichever client is paying them. Over time, it seems to me that this might lead some people to loose their own moral compass.

    • 0 avatar
      Educator(of teachers)Dan

      Go look him up on YouTube. He always makes me laugh when I hear him tear someone apart. Admittedly there are times when he sounds like an a-hole but he’s an a-hole who seems to be on the side of the people.

    • 0 avatar
      240SX_KAT

      I certainly give an immediate understanding why most representatives are more interested in representing corporations instead of their electorate. The corporations are their clients as they paid for their election, and their lawyer training tells them that it’s the right thing to do.

      I guess it’s time to ban lawyers from making laws.

    • 0 avatar
      philadlj

      Agreed. I thought he’d be a goofball, but he’s been taking his job very seriously.

  • avatar
    SKUSA_boy

    It’s not cool for OnStar to spy on people who aren’t subscribers. However it’s fairly simple to remove or disconnect the OnStar module.

    Search the internet for “remove OnStar module” and instructions are widely available.

    Since most of these “telematics” systems were developed by other suppliers for the OEM car manufacturers, the modules are usually a small box that can be easily disconnected or removed. They aren’t “integrated” into the electronics of the car.

  • avatar
    Dynamic88

    I like Al Franken. I believe GM should not track the location or sell the info w/o the car owners consent.

    Now, having said this, can someone explain to me the value of this info? Why does Acme Corp. want to know, via GM, where my car is and where it’s going? What is Acme trying to sell me? I don’t get the value of this info, but then I listen to a tube radio and don’t watch TV, so I’m pretty out of touch with the modern world.

    Aside from “the principal of it” why do I care, in down to earth practical terms?

    • 0 avatar
      sitting@home

      “can someone explain to me the value of this info?”

      Targeted advertising is going to get a lot smarter. If the advertiser knows that twice as many Hondas pass a location than Chevys then all of the Tire change billboards will show a Honda with a flat at the side of the road. With active display billboards they could target an ad directly at you; they may not know your name but they know your car make and mileage and so could ping up a “30,000 mile service due soon, why not visit City Chevy for all your service needs”.

      • 0 avatar
        Dynamic88

        OK. That doesn’t harm me in the least.

      • 0 avatar
        Lorenzo

        How about your auto insurance company wanting to know how fast you drive, or if you visit areas with high vandalism/theft rates? Or your life insurance company wants to know how often you go to a fast food drive-up, or visit a casino, gym, doctor’s office or “house of ill-repute”? Or crooks with a front company learning when you’re not at home? With all your travel habits, and actual location, available for a price, the possibilities for others to separate you from your assets are endless.

      • 0 avatar
        Dynamic88

        In response to Lorenzo

        Let’s be honest, this is just about speeding. The rest of the arguments are pretty much just padding to make it sound like it’s really terrible – but it’s just about speeding.

        If I did frequent areas of high vandalism/theft wouldn’t it be fair for the insurance company to factor that into the cost of insuring my car?

        I rarely eat fast food. How do they know I didn’t get the Mc-salad?

        Visiting a casino isn’t illegal. Stupid, yes, but not illegal.

        Not going to a gym does not equate with poor health. In fact, it may be inversely proportional.

        Presumably going to the doctor stands me in good stead with my health insurance company.

        No houses of ill-repute where I live, just streetwalkers.

        Are crooks with a front company really going to pay GM for this info? Isn’t it cheaper just to watch my house? (If they can get past the dog they can have anything they can carry) All the burglaries in my neighborhood are between 3:30pm and 6pm – the time when kids are home from school but parents are still at work. I doubt HS kids will pay GM for my travel info.

    • 0 avatar
      George B

      Imagine a world where advertising becomes more targeted and therefore less expensive. The already overwhelming volume of useless information goes up, disguised as something that might be relevant to you. In the limit case, advertising gets integrated into the navigation system so you can’t escape from it.

  • avatar
    Damon Romano

    I’m grateful that I have a love cars old enough to be “nanny-free”.

  • avatar
    golden2husky

    Everybody always whines that the government is spying on you…the government is not interested in the average person’s movements. Big Business is the enemy in this arena. Anything they can do to separate you from your money and make it theirs is the goal. Learn where the module is for this system and remove it. And when you are in there, find out if you car has a Event Data Recorder. Learn where it is, remove its screws for fast removal and in the event of an accident, remove it and destroy it. No need to give the “Gekko” ammunition to raise your rates…

    • 0 avatar
      Educator(of teachers)Dan

      +1 I feel exactally the same way about Progressive Insurance’s offer to stick you with a data recorder to “lower your rates.” Feel as you will about my speeding but I would say that my 18 years (age 16 to age 34 – right now) without an accident would be enough to lower my rates.

      • 0 avatar
        highdesertcat

        Dan, interesting comment that, since my insurance agent told me that what really matters is the amount of miles a person drives and their exposure to the probability of being in an accident based on their location, even if it is not their fault.

        For instance, my wife puts about 20K+ miles on her vehicle each year so her chances of being in an accident are greater than those putting only 10K miles on their vehicle, in the same location. With a measuring device the insurance companies can target risk assessment more accurately to those with the greater exposure.

        Rates are higher in ABQ/SF because the risk is higher there than, say, Cuba, Thoreau, Gallup or Zuni. With me El Paso is the big risk compared to Timberon, Dog Canyon, Boles Acres or Orogrande.

        I should stress that neither my wife nor I have been in any accidents or have received any citations. However, our insurance rates would change drastically if our insurance company actually found out how many miles we each drive every year. I would expect our rates to double.

        That’s why I’m against all this monitoring and spying by the car makers and the insurance companies.

      • 0 avatar
        mike978

        highdesertcat – so you are against this because the insurance companies could accurately ascertain risk and make those you are more risky (in your case driving alot) to pay more. One could say that is equal to freeloading now and not paying your correct amount of insurance. I thought conservatives were against people not paying their fair cost (as in health insurance). I am of course being rhetorical since I don`t want to be tracked either, but I like pointing our seeming inconsistencies!

      • 0 avatar
        highdesertcat

        Mike978, I’m hardly conservative (LOL)! I started life as a Democrat born into a union household, became a Republican when I joined the Air Force because I had to pay taxes from my meager pay, and then became a registered Independent (or not affiliated with any political party), when I retired from the Air Force in 1985. Haven’t worked a day since. Not exactly conservative material, eh? More Democrat, freeloading, than anything else, maybe.

        I have voted for candidates of all political persuasions. Once I retired from the Air Force I became a proud member of the faction of US citizens who pay no income taxes at all, and I continued full-speed ahead on the dole when I started drawing my social security retirement at age 62. Now I’m on Medicare, too! And TriCare for Life. It doesn’t get any better than that.

        Whatever I can get for “free or next to nothing” is a trait left-over from my days as a Democrat. I just have an aversion to anything that includes government monitoring of its citizens or in the case of insurance letting people who cause accidents pay less than people who drive for a living, like truckers, vendors, real-estate agents, couriers, etc. Regrettably, my state is particularly bad at legislating common-sense law.

        For instance, New Mexico is one of just a few states that allow illegal aliens to lawfully obtain drivers licenses even if they do not live or reside in New Mexico. Most of the illegals holding a New Mexico State drivers license do not live in New Mexico at all.

        I’m against illegals having a New Mexico drivers license, too. No, whatever I have actually worked for and paid into is what I consider my fair share, and I want it.

        If insurance rates were equally applied I would gladly pay it, but as it is, in MY state I have to pay 50% of MY coverage in addition to MY Premium to protect myself from Uninsured Motorists.

        In essence, I’m paying for the people who are not insured as well as my own insurance. See where I’m coming from? Like Dan, I haven’t had any claims, accidents or tickets, yet my rates on two cars in a desolate state where I reside in the middle of the forlorn desert is way too high for the risk I represent. Let’s not complicate it with On-Stare or other types of driver-monitoring.

      • 0 avatar
        mike978

        Highdesertcat – I stand corrected. I don`t consider drawing social security to be free-loading since you have had to pay into take take out. Plenty of Republicans take more than they get in since many vote on social issues even if they are dirt poor. I don`t mind subsiding them with the progressive (i.e. tiered) income tax.

        I didn`t know about the illegal immigration situation in NM. I don`t agree with them getting driver’s licences either and I can see how it inflates your insurance.

      • 0 avatar
        jimpen

        @mike978
        Isn’t the point of buying insurance the spreading out of risk? By narrowing down the size of the pool of people you spread the risk over based on their tracking data don’t you make it that much more likely that an insurance company will not want to sell insurance to those people it finds more ‘at risk.’ More than likely they won’t stop selling that insurance but instead price it such that those who need it most just can’t afford it.

        Insurance agent: “I’m sorry Mr. Gibson but there is a premium increase of 62% and a minimum $1500 deductible for owners of a green Honda Banshee who travel more than ~7.5K mile per year on highway 105. There’s also an additional $130/year surcharge for traveling the majority of those miles between the hours of 11:13am and 6:52pm.”

        TL;DR: GPS tracking data allows insurance companies to decrease risk pool size for the purpose of cherry-picking the highest profit/lowest risk pools. (And who says increased profits will be passed along as savings for the consumer?)

  • avatar
    Potemkin

    Are the lunatics once more in charge of the asylum at GM? I asked a few friends what they thought of OnStar tracking them, and profitting from the info, even after they dropped their service and they all said they would not buy a onstar equipped vehicle. In a climate of fierce competition in the auto business why would you try to chase off customers?

    • 0 avatar
      acuraandy

      @Potemkin, because there is something in the water in Detroit that kills brains. Or perhaps the CEOs at GM and OnStar are hanging out with the factory workers again at lunch…

      http://www.myfoxdetroit.com/dpp/news/chrysler-auto-workers-busted_20100923_dk

    • 0 avatar
      240SX_KAT

      I see it more as a desperate attempt to improve the balance sheet.
      It would not surprise me in the least if someone in the government quietly told GM to get the stock price up so they can get out before the election without losing any more skin.

      When your master says “Jump” the only answer is “How high?”

  • avatar
    ixim

    Most new GM cars come with 1 free year of OnStar [at least, they used to]. I believe the take rate after that is quite high, well over 60% in 2007, especially among owners of luxury cars. Back in 2005, my refusal to continue the service in my Buick led to many phone calls with offers of discounts. The overpriced celphone minutes was my main reason; had they been monetizing my information, I never would have activated it in the first place. A minority view, I think.

    • 0 avatar
      CamaroKid

      Not as small a minority as you might think… The take up rate for OnStar completely falls off the map after the end of the second year and people realized just how expensive a service it is… After the second year it is NOT well over 60% it is closer to 20% which is one of the reasons that GM is doing these brain dead stunts… The system is NOT a profit center, never has been and likely never will be.

      • 0 avatar
        ixim

        Thx for the info. I thought OnStar was wayyyy overpriced, even without the ridiculous celphone rates [you used minutes as soon as you started dialing, just like celphones circa 1990!].

  • avatar
    Jurgen

    Everyone knows that Rio Rancho has the best drivers in NM. lol We don’t need no stinkin’ data recorders.

  • avatar
    shaker

    If you intend to disable onstar (for example, to cheat on your ol’lady) make sure to buy a “throwaway” cell phone (to tell the wife that you’re “working late”), and put your personal cell phone in “airplane mode” when you deviate from your normal route. Oh, and use a Faraday shield over your RFID credit card (and only use prepaid gift cards purchased with cash [or cash] to buy your “lady friend” dinner). Avoid convenience stores and city street corners. Wear a disguise.

    I’m SURE that I missed something…

  • avatar
    TrailerTrash

    Really, all of these Frankin huggers above…give me a break.
    He sucked as a comedian. Not even close to being funny.
    He comes from a state that has an election history of placing entertainers into Federal offices without any prior management skills.

    Two states I will never live in again…Illinois and Minn.
    Oh, and will avoid Mass. as well.

  • avatar
    30-mile fetch

    Okey dokey, you don’t like Al Franken. Most of us care about that as much as the typical Massachusetts resident cares that you won’t grace the state with your presence.

    But how do you feel about Franken’s stance on the OnStar issue above?

  • avatar
    bunkie

    Personally, I’ll take a smart comedian over a dumb newscaster any day. Last year on Celebrity Jeopardy, Wolf Blitzer faced off against Andy Richter. There was no contest. Blitzer blew questions about current affairs and history left and right. Richter, on the other hand, didn’t miss a trick, scoring well on those same questions as well as much of the more obscure stuff. Without his cue cards, Blitzer is an empty suit.

    Franken is a smart comedian. I attended a lecture he gave at Ohio State back in the ’90s. I was expecting jokes, but what I got was a thoughtful, well-reasoned analysis of the then-current political situation. He’s a very well-educated, smart guy.


Back to TopLeave a Reply

You must be logged in to post a comment.

Subscribe without commenting

Recent Comments

New Car Research

Get a Free Dealer Quote

Staff

  • Authors

  • Brendan McAleer, Canada
  • Marcelo De Vasconcellos, Brazil
  • Matthias Gasnier, Australia
  • J & J Sutherland, Canada
  • Tycho de Feyter, China
  • W. Christian 'Mental' Ward, Abu Dhabi
  • Mark Stevenson, Canada
  • Faisal Ali Khan, India