If you are privacy minded and drive a OnStar equipped vehicle, you are probably going to start looking at the little blue button on your dash a little differently. Monday OnStar began emailing customers about a change to the companies privacy policy that will allow the company to collect and sell “anonymized” location and speed data from any vehicle with a functioning OnStar system regardless of whether there is an active OnStar subscription. The only way to “opt-out” of the new program is to completely disable the onboard OnStar components by removing the fuse for the system. (Though depending on the cars electrical system, this could also disable other “features” that a driver may still want enabled like say the GPS navigation system. I am not familiar enough with OnStar and GM cars to say exactly what disabling the built in OnStar system will do, if some one that does know want’s to chime in in the comments, that would be great.)

While it is one thing to elect to be tracked by a company so they can provide you a service, it is completely another for them to sell that tracking information without explicit consent. History has repeatedly shown that anonymized data rarely is ever anonymous, usually requiring minimal effort to associate the “anonymous” data with an individual. It is even worse when the tracking is performed on people who have no desire to use a company’s service (or in the case of a used auto sale may have never used the company’s service). This is like buying a car with a CB in it and despite never picking up the mic every word you say being broadcast. In fact a microphone is part of the OnStar system, what is to stop them from revising their policies to say that by having OnStar equipment in your car you give them permission to record everything you say and sell “anonymized” conversations to the highest bidder?

To make matters worse, because the US Government already illegally taps every phone in the country (including mobiles) and since OnStar uses cellular telephone technology for its two-way communications the Government could conceivably track every OnStar equipped car in the country (and not just the cars whose owners pay for the service – which is a possibility even now). In a worst case scenario the Government could even piggy back the OnStar communications to turn on the OnStar mic or control any of the other onboard systems OnStar has access to (like the ignition). While this is just conjecture the fact remains, the US Government has no problem illegally spying on its citizens and OnStar is going to start tracking every car infested with its hardware. Why wouldn’t they take advantage of this to better spy on protect its citizens?

What do you think? Has OnStar crossed a line? Will the Government take advantage of this move? Let us know in the comments.

Update: A rep from OnStar’s PR firm just dropped by the comments and left the following statement, “We value our customers’ privacy and security and have never sold any personally identifiable information to any third party.” He goes on to link to a video they put together regarding the new terms and conditions, scroll on down if you’re interested. Do you think this adequately addresses the concerns raised by the new terms and conditions changes? Let us know in the comments.

Update: Onstar has reversed their decision to continue tracking equipped vehicles after service is cancelled. (Read press release)

OnStar Tracks Your Car Even When You Cancel Service [via The Consumerist]

It is no secret that the government has taken advantage of the 9/11 tragedy and scared the majority of the country into willingly sacrificing their freedom for a false sense of security. Yet, even with the sheeple cowed into compliance, the few remaining “annoyances” required to get unfettered access to the personal information of every US citizen are still apparently too daunting for the fine agents of the FBI. According to information contained in a report released today by the Department of Justice’s Office of the Inspector General, the FBI routinely ignores the already lenient rules that they are required to follow to obtain phone records.

According to the Electronic Communications Privacy Act, telecom providers are allowed to immediately provide records in the case of an actual emergency where there is a “reasonable belief” that “an emergency involving danger of death or serious physical injury to any person requires disclosure without delay.” The FBI expresses this urgent need through what is called an “exigent letter” that is provided to the phone company. While I am not privy to the actual process, I can only imagine that it involves an agent filling in the phone number in question on a form letter and then handing it to a phone company employee (who, believe it or not, works inside the FBI office responsible for handling these requests). While you would imagine that the FBI would be perfectly happy with a system that is devoid of judicial oversight and only requires only writing a letter to gain access to private records, but according to the Inspector General’s report agents routinely obtained records without using an “exigent letter”. In some cases, the phone number in question was merely written down on a Post-It note left on the telecom employee’s desk, other times requests were made verbally.

Additionally, the FBI has developed a new legal “theory” that allows telecoms to divulge information without any judicial process AT ALL! Unfortunately for the American public, the portion of the report dealing with this new theory is heavily redacted. Hidden from view is any discussion of the legal basis for this new claim. Even the section number of the law the FBI feels grants it this power is redacted. This ridiculous secrecy is exactly the opposite of what you would expect from an administration that ran on a platform of hope and promised openness and transparency. Well at least we know that it is business as usual at the Department of Injustice.

FBI Replaced Legal Process with Post-It Notes to Obtain Phone Records