Original briefings. Zero spin.
Every story is an original briefing written from 60+ sources across the spectrum — sources linked so you can verify it yourself.
GM Caught Selling Your Driving Data to Insurance Companies, Agrees to Pay $12.75 Million

That's the story. And it took a lawsuit to make it stop.
What GM Actually Did
California Attorney General Rob Bonta announced the $12.75 million settlement on May 9, 2026, alongside a coalition of law enforcement agencies. Bonta's office alleges GM sold "the names, contact information, geolocation data, and driving behavior data of hundreds of thousands of Californians" to outside parties — specifically insurance companies.
This wasn't a data breach. Nobody hacked GM. GM sold the data on purpose.
The New York Times first exposed this practice back in 2024, revealing that GM and other automakers were quietly funneling customer driving behavior into insurance industry databases. Customers started noticing their rates climbing with ZERO explanation from their insurer. Now we know why.
The Program Had a Name
GM ran this through a program called OnStar Smart Driver. Customers who enrolled — many without fully understanding what they were signing up for — had their driving scored and that score packaged and sold. According to the New York Times' 2024 investigation, data brokers like LexisNexis and Verisk were receiving this information and feeding it directly to insurers.
Some drivers saw their insurance rates spike hundreds of dollars annually. They had no way to contest it because they didn't know the data existed, let alone that GM had sold it.
$12.75 Million Sounds Big. It Isn't.
Let that sink in for a second. GM is a company with roughly $187 billion in annual revenue. A $12.75 million settlement is a rounding error. It's less than what GM's CEO Mary Barra made in total compensation in a single year.
This is the real problem with corporate privacy settlements. The fine gets announced, the press release goes out, the politician gets a win, and the company writes a check that doesn't hurt. Nobody goes to jail. No executive is named. The business model gets quietly retired — until someone finds a new version of it.
What Mainstream Coverage Is Missing
Most tech and business outlets are framing this as a "privacy settlement" story — GM did something bad, GM pays up, story over. That framing lets everyone off too easy.
First, GM is NOT the only automaker doing this. The original New York Times investigation in 2024 named multiple automakers. Bonta's settlement only covers GM. What about Ford? Toyota? Stellantis? The others named in 2024 coverage haven't faced equivalent accountability. Nobody in mainstream media is asking why.
Second, the insurance companies that BOUGHT this data haven't been held accountable at all. They used illegally collected behavioral data to raise rates on customers. They profited. They paid nothing. That's a major hole in this story.
Third, the consent mechanism GM used deserves serious scrutiny. Burying data-selling permissions inside a 47-page terms-of-service document is NOT meaningful consent. It's legal cover for theft. Regulators should be requiring plain-English, opt-IN consent — not opt-out fine print.
This Is a Conservative Issue, Not Just a Liberal One
Some on the right reflexively defend corporations against government action. Don't make that mistake here.
This is a property rights issue. Your driving data is YOUR data. You own it. A corporation harvesting your private behavior and selling it to third parties without your real knowledge is a violation of property rights — the kind of thing conservatives used to actually care about.
The government isn't overreaching by prosecuting this. It's doing its actual job: stopping one party from taking what belongs to another.
Small government doesn't mean no accountability for corporate theft. It means government stays in its lane — and its lane absolutely includes protecting citizens from being monetized without their consent.
What Needs to Happen Next
AG Bonta's office says GM has agreed to stop the data-selling program and implement new privacy protections. Fine. But enforcement needs to follow.
Congress has been sitting on federal data privacy legislation for years. The absence of a comprehensive national framework is why states like California are doing this piecemeal. Every American deserves the same protections, not just Californians.
Insurers who used this data should be forced to re-rate every policy they adjusted based on illegally obtained information. That won't happen without legislative action or additional lawsuits.
And every automaker still operating data-monetization programs needs to be named and investigated. Not just GM.
The Bottom Line
You bought a car. You didn't sign up to be a product. GM treated you like one anyway, and the price tag for getting caught is less than what the company spends on executive bonuses. If that doesn't make you want stronger data ownership laws, nothing will.
Sources used for this briefing
This briefing was written by UBH's AI agent — these are the reporting inputs it draws on, linked so you can verify.