“We will hold all these companies accountable,” rants state attorney general Ken  Paxton  (pictured).

Don’t Mess With Texas Privacy

What’s the craic? Peter Pinedo claims this breathless exclusive: Red state sues insurer for using customer data to build ‘world’s largest driving behavior database’

“Texans deserve better”
Texas Attorney General Ken Paxton is suing Allstate insurance company for allegedly illegally collecting, using and selling the driving behavior data of over 45 million Americans. … He accuses Allstate, and its subsidiary data analytics company “Arity,” of secretly using driving data from over 45 million Americans’ mobile devices, in-car devices and vehicles to build the “world’s largest driving behavior database,” consisting of “trillions of miles” worth of data.
…
“The personal data of millions of Americans was sold to insurance companies without their knowledge or consent in violation of the law. Texans deserve better and we will hold all these companies accountable,” … Paxton said.
…
Allstate Corporation, however, claims that its data collection system “fully complies with all laws and regulations.” Allstate is one of the largest auto, home and life insurance companies in the U.S.

How are they getting the data? Suzanne Smalley shows us how: Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans

“Premiums can be raised because of the driving behavior of their taxi”
Allstate has harvested trillions of miles of that data from Americans’ cellphones through “secretly embedded” software that Arity pays millions of dollars to place in mobile apps. … By failing to give consumers notice or get their consent for gathering and selling the sensitive data, Allstate violated Texas’ new Data Privacy and Security Act, … Paxton said.
…
When a consumer downloads one of the participating mobile apps onto their phone, they also have “unwittingly downloaded” the Arity software [so] Arity and Allstate can “monitor the consumer’s location and movement in real-time.” [It] captures not only a phone’s geolocation data, but also accelerometer data, magnetometer data and gyroscopic data, consumers’ movements, including their start and end locations, … distance and duration of trips, acceleration, speeding, hard braking, distracted driving and crash detection. … Additionally, Arity’s software tracks “whether a consumer picked up or opened their phone while traveling,” … the complaint says.
…
While Arity and Allstate market the data to insurers as “driving behavior” data, its software is in reality only capable of tracking the movement of a mobile phone, meaning that consumers’ insurance premiums can be raised because of the driving behavior of their taxi driver or a friend whom they are riding with, according to the complaint. [It] names four mobile apps as participants: … Routely, … Fuel Rewards, Life360 and GasBuddy.

It’s not only apps. Kevin Purdy piles on: With connected cars and revenue-hungry apps, insurers are flush with data

“Toyota, Lexus, Mazda, Chrysler, Dodge, Fiat, Jeep, Maserati, and Ram”
Arity [is] a “mobility data and analytics” firm founded by Allstate in 2016. … Texas’ lawsuit claims that Arity incentivized—through “generous bonus incentives”—apps … to “increas[e] the size of their dataset.” … Arity had “varying levels of control over the privacy disclosures and consent language” shown to app users.
…
The suit also cites Allstate as gathering direct car use data from: Toyota, Lexus, Mazda, Chrysler, Dodge, Fiat, Jeep, Maserati, and Ram vehicles.

Ah, the old “connected car spying on you” story again? rdtsc pays attention:

Seems like the bigger part of the story. … You can uninstall GasBuddy from your phone, but finding and buying a new car that doesn’t track you is a bigger hassle.

Whatever the source of the data, it’s gotta be lousy quality. Mark markdavis’s words:

Good job, TXAG. jezra is pleasantly surprised:

When I think of a state that will sue a corporation in order to protect the people, Texas is not what comes to mind. Thank you Texas for changing my mind. Hopefully other states follow suit.

And now it’s in the hands of the courts. GoodJazzHands digs in for the long haul:

Allstate will certainly take this to trial, as their corporate policy is never to settle. Paxton better have a team of lawyers that are sharper than he is, because Allstate has an army of them.

Even if disclosure was lacking, shouldn’t people have known? sarusa has little sympathy:

Gee who would have thunk? If you’re installing random apps, they are selling everything they collect to at least Facebook (who have a giant active profile on you whether you are using their platforms or not) … and then of course everyone else wants in on the action too. … With an app like GasBuddy, the product is you. Did you think they were doing this out of the goodness of their hearts?

But what’s in it for policyholders? webtelly foresees enormous riches down the road:

Get ready for your $1.50 check two years from now.

Meanwhile, SeaFox learned something today:

Texas has privacy laws? That’s the real news here.

And Finally:

*standing ovation*

Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to  @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: DonkeyHotey (cc:by-sa; leveled and cropped)