Last year, a driver in Ohio noticed her car insurance premium jump $1,600. She had not filed a claim. She had not moved. Her car had been reporting on her the entire time.
Most people still believe data harvesting is a Silicon Valley problem. Google sells ads. Facebook tracks clicks. You delete your cookies and feel better about yourself. That belief is wrong, and the gap between what you think is happening and what is actually happening has never been wider.
I dug into the actual research so you do not have to. Here is what I found: data collection has quietly spread into industries most people never associate with surveillance, and the companies doing it are counting on you staying uninformed.
Think of it this way. Data is exhaust from a running engine. You generate it constantly. By the time you notice it, it has already traveled somewhere you did not intend.
The systems are deliberately opaque. The consent language is buried in terms of service nobody reads. And the data collection happens so passively that most people never connect the dots between their behavior and the price they are later charged.
Here is what this actually means for you: this is not abstract. Seven industries are actively building profiles on you right now, and most of them are not the ones you are watching.
1. Health Insurance Companies Are Buying Your Grocery Receipts
A 2023 investigation by The Markup found that major health insurers, including Cigna and Optum, were purchasing consumer data from third-party brokers to predict patient risk scores. The data included retail purchase histories, location patterns, and in some cases, social media activity.
Your grocery store loyalty card is not a discount program. It is a data collection device that feeds into systems you will never see.
Warning: Kroger, Walmart, and CVS all operate loyalty programs that share anonymized (but often re-identifiable) purchase data with third-party analytics firms. A 2022 report from the Duke Sanford School of Public Policy named data brokers including Acxiom and LexisNexis as major purchasers of this retail data.
2. Car Manufacturers Are Selling Your Driving Behavior
General Motors sold detailed driving data on more than 1.5 million customers to insurance companies LexisNexis and Verisk without making the opt-out process visible to drivers, according to a 2024 New York Times investigation. Drivers were enrolled through a program called OnStar Smart Driver, often without clearly understanding that sharp braking, rapid acceleration, and trip timing were being logged and sold.
The Ohio driver mentioned above? This is exactly how her story played out.
Ask yourself why they do not advertise this part of their connected-car agreement.
Did You Know: LexisNexis maintains a consumer data file on most licensed U.S. drivers. You can request your own report at lexisnexis.com/consumer. Many drivers who have done so find years of detailed trip data they never knowingly provided.
3. Retailers Are Running Facial Recognition Without Telling You
A 2023 report by Fight for the Future identified at least 13 major U.S. retailers, including Macy’s, Albertsons, and Home Depot, as active users of facial recognition technology in stores. The technology matches faces against internal watchlists and, in some implementations, connects to third-party identity databases.
There is no federal law requiring retailers to disclose this to customers. Only a handful of states, including Illinois under the Biometric Information Privacy Act, give consumers any legal recourse at all.
Pro Tip: If you live in Illinois, Texas, Washington, or New York, you have state-level biometric privacy protections. Look up your state’s biometric privacy law before your next in-store visit and know whether you have a right to opt out or sue.
4. Your Employer’s Wellness App Is Not Confidential
Corporate wellness programs collected data on more than 50 million U.S. employees in 2023, according to a report from the International Foundation of Employee Benefit Plans. Platforms like Virgin Pulse, Vitality, and Hinge Health track steps, sleep, mental health check-ins, and biometric screening results.
Employers often receive aggregate reports. But the third-party vendors holding your individual data operate under terms of service that allow secondary use, meaning your mental health responses and sleep patterns can be sold or licensed to data brokers under certain conditions.
When did you last read the privacy policy on the app your employer told you was confidential?
5. Banks Are Profiling You Beyond Your Credit Score
JPMorgan Chase, Bank of America, and Wells Fargo all operate internal data analytics divisions that build behavioral profiles well beyond what feeds a standard credit score. A 2023 Consumer Financial Protection Bureau report flagged the practice of using transaction metadata, including where you shop, when you spend, and what categories of purchases you make, to adjust product offers, credit limits, and interest rates dynamically.
This is legal. It is also almost never disclosed in plain language.
Action Step: Under the Fair Credit Reporting Act, you can request your full consumer file from LexisNexis Risk Solutions, Experian, and ChexSystems once per year for free. Go to annualcreditreport.com for the standard credit bureaus. Then search each bureau’s individual site for their separate specialty consumer reporting opt-out pages. These are not the same as your standard credit report.
6. Streaming Platforms Are Selling Attention Data, Not Just Viewing Data
Netflix, Hulu, and Disney+ have all expanded their advertising tier offerings since 2022, and with that expansion came a significant change in what data they collect. According to a 2024 analysis by the Electronic Frontier Foundation, ad-supported streaming tiers now enable automatic content recognition (ACR) tracking, which logs not just what you watch on the platform but what plays on your television from any source, including cable, broadcast, and other streaming apps.
Your television is listening to your television.
Action Step: Disable ACR on your smart TV today. On Samsung TVs, go to Settings, Support, Terms and Policies, then turn off Viewing Information Services. On LG, go to Settings, All Settings, General, then About This TV, and turn off Live Plus. On Roku, go to Settings, Privacy, Smart TV Experience, and uncheck Use Info from TV Inputs. This takes under five minutes and stops cross-platform viewing surveillance immediately.
7. Agricultural Companies Are Tracking Farms Down to the Individual Plant Row
John Deere, Bayer (through its Climate FieldView platform), and CNH Industrial all operate precision agriculture platforms that collect field-level data from connected farm equipment. According to a 2023 report from the American Farm Bureau Federation, these platforms collect GPS coordinates, soil data, yield maps, planting rates, and chemical application records from millions of acres of U.S. farmland.
Farmers often agree to data-sharing terms when activating equipment warranties or accessing software features. That data is then used to build regional commodity intelligence sold to grain traders, hedge funds, and food industry analysts. A small family farm in Iowa running a John Deere 8R tractor is, without knowing it, contributing to a futures market dataset that traders on Wall Street access before harvest season.
The American Farm Bureau now offers a Privacy and Data Security Principles framework and has pushed major agricultural technology companies to sign voluntary data use agreements. As of 2024, fewer than half of the major ag-tech platforms had signed onto all provisions.
Your Next 3 Steps
Now that you know who is watching, here is what you can do today.
Step 1: Go to optoutprescreen.com right now and submit a permanent opt-out from credit bureau marketing lists. It takes four minutes and removes you from pre-screened credit and insurance offer data pools maintained by Equifax, Experian, TransUnion, and Innovis. This is a federal program under the Fair Credit Reporting Act and it is free.
Step 2: Go to your vehicle manufacturer’s connected services portal this week. For GM vehicles, that is my.chevrolet.com, mybuck.com, or the equivalent brand portal. Navigate to Account, then Connected Services, then locate data-sharing preferences under your OnStar or connected vehicle agreement. Opt out of any line item that mentions third-party data sharing or driving behavior analytics. Screenshot your confirmation.
Step 3: Go to your smart TV’s settings right now and disable ACR as described in the streaming section above. Then open your phone, go to Settings, Privacy or Apps, and check location permissions. Any app showing “Always On” for location that does not require navigation should be switched to “While Using” or “Never.” Count how many apps currently have always-on access. The number will surprise you.
The real story behind the headlines is not that data collection exists. It is that the industries collecting the most sensitive data are the ones you trusted most. And who benefits from you not knowing this? Every company that just appeared on this list.
