Today’s connected cars can reveal a stunning amount of information about their drivers, including their location, their behavioral habits, and whom they call or text. As cars capture an increasing amount of data, regulators are becoming more aggressive around automotive privacy practices. The recent FTC settlement with General Motors signals the agency’s focus on vehicle-generated data and offers a best-practices road map. With insights from Cooley, Foley & Lardner, Morrison Foerster and Parker Poe, this first article in a three-part series details the privacy practices that caught GM in the FTC’s crosshairs, examines key settlement terms and their implications, and offers enforcement takeaways. Part two will provide practical advice for navigating the notice and consent, and other privacy issues raised by connected cars. Part three will address the cybersecurity issues that connected cars present. See “Examining Newly Released Privacy and Security Guidance for the Fast-Driving Development of Autonomous Cars” (Oct. 5, 2016).