Vehicle assistance service OnStar has always struck me as slightly creepy, but I can appreciate its utility unfamiliar locations and emergency situations. And the notion of a company tracking your location constantly is apparently as reassuring to some as it is disturbing to me.
But I doubt even those optimistic souls would find it reassuring to learn that OnStar now reserves the right to record your location, speed, and so on “for any purpose, at any time” to “any third party” provided the information is anonymized.
The changes to the TOS (noted by Jonathan Zdziarski, and also reported at Reuters) were announced this week and, to be fair to OnStar, sent to their subscribers in full. And the major changes are right there on top (PDF). But that’s cold comfort to anyone concerned with their privacy.
Sharing anonymized information isn’t anything new for users of online services. Unless you actually opt out, it’s likely that most of the stuff you use online is being tracked, and that data sold in some way or another. Most companies are careful about anonymizing data, but not all data can be anonymized. A GPS record is rather hard to decouple from identity, since an intact record of a day or a week will plainly yield home and workplace locations, among other things.
Cross reference that with the data they now sell to “credit card processors and/or third parties we contract with who conduct joint marketing initiatives with OnStar,” and you’ve got a nice little database of easily identifiable individuals going.
It should be noted that there’s some tension here regarding what’s private and what’s public information — certainly it can easily be found out from voting, property, and tax records where someone lives and works. And the make and model of your vehicle is easily discernible by anyone nearby.
But that’s a misleading way to think about it; customers agree to the TOS with the implicit understanding that their location and speed would be used for the services they pay for, and if necessary shared with law enforcement. Not only now does the TOS essentially say that as long as they take your name off it, they can sell your data to literally anyone who wants it, but they now will also continue to collect that data even if you don’t use OnStar.
Again, to give OnStar credit, they say right away that you can totally deactivate their data connection by telling a representative that you want to. Hopefully the opt-out process is as easy as they say. But it’s a little odd that a company with whom you have no connection other than a piece of hardware in your car should want or be able to access that information. If you’re really intent on being invisible to them, search for OnStar and your vehicle make and model to find where the GPS unit is, and simply disconnect it.
To be honest, this really isn’t such a big deal, but it’s always discouraging to see companies with sensitive data taking the route of companies like ISPs and carriers, whose data handling practices are highly suspect. Furthermore, the legitimacy of the data sharing relies on the effective anonymization of this GPS data, and they have not convinced me that they are doing this effectively. If you have OnStar, this might be a good time to question whether the utility of the service really outweighs the potential for abuse.
Update: five minutes after posting this, I was contacted by OnStar, who wishes to make clear that “OnStar has and always will give our customers the choice in how we use their data. We’ve also been very open with our customers about changes in services and privacy terms.” I agree with the latter, but clearly the former is not true. Customers appear to have a choice between using the service and not using the service; subsequently what data is collected and how it is used appears to be entirely OnStar’s decision.