Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


Driving fast or braking hard? Your connected car may be telling your insurance company

The era of connected cars presents a new privacy problem - and it could also drive up your insurance bill.
Written by Maria Diaz, Staff Writer
Chevrolet Bolt electric vehicles (EV) at a dealership in Colma, California, US, on Friday, Jan. 26, 2024. General Motors Co. is expected to release earnings figures on January 30. Photographer: David Paul Morris/Bloomberg via Getty Images
David Paul Morris/Bloomberg via Getty Images

Automakers like General Motors (GM) are sharing customers' detailed driving behavior data with insurance companies, which can lead to higher premiums for some drivers. According to a March report from The New York Times, the practice fuels concerns over privacy and consent in the IoT world. 

After that report was published, however, the author realized that she and her husband were also being tracked -- and she is now sharing their experience. 

The initial Times report focused on the experience of Kenn Dahl, a driver who saw his car insurance rates jump by 21%, seemingly out of the blue. When Dahl decided to shop around with other insurance companies, he found competing quotes to be just as high. One agent explained that this was due to his LexisNexis report. 

Also: How a new law protects your thoughts from tech companies – and why it matters

When Dahl requested a copy of that report, LexisNexis sent him a 258-page document that included every trip he or his wife drove in their Chevy Bolt during the preceding six months. The report included 640 trips, with dates, start and end times, distances driven, and comprehensive data on driving habits, like speeding, hard braking, and rapid accelerations. 

Insurance firms use this data from LexisNexis -- a global provider of legal and business information and analytics -- to personalize insurance rates for drivers. Anyone can download their own Consumer Disclosure Report online, in compliance with the Fair Credit Reporting Act.

Times author Kashmir Hill is now providing a detailed account of her and her husband's own experience with GM's data-sharing practices. Their vehicle was enrolled in OnStar Smart Driver+, a data-sharing program, not only without their consent but despite assurances from a GM app that they were not enrolled. 

Also: Not into the Tesla Powerwall? You can now buy the Anker Solix X1

After she contacted GM for comment, a spokesperson told Hill that the data collection only happens when drivers turn on OnStar. Hill was certain she had not initiated OnStar, and checking the MyChevrolet app confirmed as much. Also, her LexisNexis file didn't have any driving data. Months later, they checked on a browser-based version of GM.com and found they were indeed enrolled in OnStar Smart Driver+. 

Hill didn't have access to their driving data, but insurance companies did. 

Many insurance companies offer "safe driving" discounts, giving those with a clean driving record a better rate. Some even offer devices installed in your car or location tracking through mobile apps to track your driving habits and watch for signs of safe driving, including steady acceleration, gentle braking, and observing speed limits. 

Also: Tesla cuts its 'full self-driving' subscription in half, also cuts one time price

These discount programs -- like Progressive's Snapshot, Allstate's Drivewise and Geico's DriveEasy -- are ones that drivers enter willingly and knowingly. 

I bet nobody selling you a car told you that the automaker would be able to track and see how you drive, down to the minute, and that insurance companies could use this data to adjust your rates. 

GM told Hill that this bug involved a "small population" of customers, affecting how data was collected and used without user knowledge.

Also: Brave search engine adds privacy-focused AI - no Google or Bing needed

LexisNexis gathers this data from connected cars with the customer's permission; the problem is that this consent is often buried in fine print or obtained indirectly without clear disclosure. On top of facing higher insurance premiums, drivers can feel surveilled and lose trust in carmakers. We're learning that car manufacturers also gather this data, bypassing companies like LexisNexis.

Connected cars are equipped with internet connectivity and the ability to collect and transmit data, and many of the vehicle models from recent years fall into this category (see what data your vehicle can collect here). Vehicles enrolled in telematics programs, like GM's OnStar, HondaLink, and Hyundai's Blue Link, can also collect driver behavior data that can be shared with other companies. 

Also: National Guard will use Google's AI for faster disaster response and recovery

Hill realized she wasn't alone. After publishing her initial article, she said other GM owners reached out with similar accounts. What's more, 10 federal lawsuits have been filed in the past month from drivers claiming they did not knowingly enroll in the Smart Driver program, yet learned GM had provided their driving data to LexisNexis and seen their car insurance premiums increase by as much as double. 

According to Hill, GM responded by discontinuing its Smart Driver program, stopping data sharing with brokers, and appointing a new chief trust and privacy officer. 

Also: Tinder's 'Share My Date' feature will let you share date plans with friends and family

Hill's and many drivers' experiences highlight a systemic issue with data privacy and consent in connected cars. As the issue stands, the enrollment process for these programs features blatantly inadequate disclosure and misleading practices, especially during the vehicle purchase proceedings

According to The Times, GM, Kia, Subaru, and Mitsubishi contribute to LexisNexis' "Telematics Exchange," which has gathered real-world driving behavior from more than 10 million vehicles as of 2022. 

Editorial standards