There are few rules or laws in the United States that govern what data can be collected and used by companies. (An exception is medical information.) The United States generally does not ensure that companies strip out names or other personal details, or stipulate how such information should be used, for example.

Typically, a driver agrees to be tracked and monitored by checking off a box on one of the user agreement forms needed to register a car’s in-dash system or a navigation app. In most cases, the driver must agree to such terms to use an app or service.

Who Owns the Data?

While anyone from an app developer to Google or Spotify may be capturing your digital moves while you drive, in most cases the primary collector and owner of this deluge of data is the automaker. And while it presents some potentially valuable new opportunities for them, it also has raised some nettlesome customer relationship problems.

General Motors learned this the hard way in 2011 when it amended the terms and conditions for its OnStar communications system. They included a change that allowed OnStar to share vehicle information with other companies and organizations without asking for additional explicit consent from customers. The change led to numerous complaints, and the incident was even cited in a 2012 Supreme Court decision about warrantless tracking as evidence that drivers expect privacy behind the wheel.

Consequently, many car companies view the acknowledgment of such data collection as problematic for customer relations. While drivers may welcome use of the information to relay diagnostic and service information (“Time for an oil change!”), automakers are aware that many consumers are wary of other uses — so much so that several companies declined to comment on their future plans or data collection policies.