[jiveturkey]

> If BMW ever shares the location data with third parties other than police, I would have major issues with all of this.

By that time it would be too late. And the problem with privacy-related info (like location history) is that once revealed, it can’t be re-secured. So the only proper fix is to not collect it in the first place.

Also BMW is a car company. Consumer data protection is not their core competency. Then info may not be intentionally revealed. A rogue employee may decide to listen in (as in OnStar case). We can’t know what controls they have in place to mitigate risk. Since I obtain almost no value I want to be able to opt out. That they make this difficult is so aggravating. But I love their cars. I wish I could quit you BMW.

I wonder if GDPR is a factor for new car sales. In fact maybe that’s why you got a big packet and had to opt in, and back in 2016 it was instead quite impossible to opt out.

[hvidgaard]

GDPR is quite hard on the fact that you must opt in. It can be argued that using the services they provide is enough of an opt in, but the GDPR states that they must explain in detail what the collect and what they'll do with the data.

[jacquesm]

Under the GDPR you could force BMW to hand over what data they have on your car. That way you would at least have some idea of what gets stored and for how long.

[jiveturkey]

As a US citizen residing in the US, no I couldn't. (They might voluntarily disclose, applying GDPR globally, but they aren't required to do so.)

Additionally, my interaction is with BMW USA, not BMW AG. If teleservices is instantiated locally in the US for US customers, then it's doubly the case the BMW need not respond to any such inquiry.

[jacquesm]

> I wonder if GDPR is a factor for new car sales.

You brought the GDPR into it.