Tag: Geolocation

Illegal location tracking leads to massive fine for InMobi

| June 28, 2016

InMobi has agreed to settle charges from US FTC and will pay nearly $1 million in penalties.

Illegal location tracking charges have been placed against Indian-based mobile advertising company InMobi by the US Federal Trade Commission (FTC). The mobile ad network is subject to a $4 million fine by the FTC for deceptively tracking the locations of consumers. However, the fine was lowered to $950,000, due to the company’s financial condition.

Hundreds of millions of consumers were tracked, including children.

The FTC alleges that InMobi illegally tracked consumers’ locations and used this information for behaviorally targeted advertising. InMobi’s advertising software tracked the locations of consumer’s when they opted in, but not always in accordance with their device’s privacy settings. The company was actually tracking the locations of consumers regardless of whether or not the apps using the company’s software asked the consumer’s permission. Even when consumer denied permission to access their location information, they were tracked anyway.

Illegal Location TrackingTo make matters worse, according to the FTC, InMobi also violated the Children’s Online Privacy Protection Act (COPPA). It did so by collecting information from applications that were directed at children, even though InMobi promised that it didn’t.

What the FTC discovered was that InMobi developed a database built on the information the company gathered from consumers who allowed InMobi to access their geolocation data. This data was combined with the wireless networks that were near consumers in order to document the physical location of the actual wireless networks. The company then used that database to deduce the consumer’s physical location based on the networks they were close to. This occurred even when they had the location collection feature of their device turned off.

In addition to its illegal location tracking fine, InMobi must adhere to stiff rules.

Aside from paying the $950,000 fine, InMobi must also delete all the data it collected from children. The company will be prohibited from collecting the location information from consumers without their express consent. They will also be required to honor the location privacy settings of their consumers. Additionally, information collected without consent must also be deleted.

The settlement resulting from the illegal location tracking fiasco will also require InMobi to set up a comprehensive privacy program. For the next 20 years, this privacy program will be independently audited every two years.

U.K. mobile technology owners urged to drop dubious location based services

| April 8, 2016

Consumer privacy protection groups have pointed out that device owner movements and data are being sold.

People living in the United Kingdom are being urged by consumer privacy protection groups to take a closer look at the location based services to which they have subscribed as many of these options are shady or vulnerable to hacking.

The recommendation has been issued by the Open Rights Group (ORG) following the outcome of two studies.

This recommendation was made by ORG as a result of its “Cashing in on your Mobile” report, in addition to a second report that was issued by Krowdthink. Both of these organizations have determined that people have signed on for location based services and that many of those options are on the sketchy side or leave mobile device users open to having their personal information accessed by hackers.

These location based services can gather information about the movements and personal data of device users.

Mobile Technology – UKMobile Technology - UKIn the ORG report, it expressed that “Research found that 93 percent of punters have been opted into having their location tracked (and sometimes their web browsing and app use) by default by their mobile provider and public WiFi providers.” It went on to state that if this geolocation data were ever to be hacked, it would place mobile device users in a position in which their personal information in combination with their daily movements could be revealed to anyone who may be interested in purchasing it.

This could escalate the current rampant problem of identity theft to the point that it is not only the personal information of a device user that can be stolen and used, but also their typical location at any time of the day.

ORG also reported its concern that “Service providers are not being upfront at point of contract signature with customers with regards to the fact that all their movements will be tracked and historic location data will be used for marketing purposes and in most cases sold to third parties.” The report indicated that there are some WiFi providers that suggest that they are required to collect some of the location data for legal purposes but that these claims were greatly exaggerated.

Consumers are struggling to know how they can go about opting out of location based services even among those that are aware that there could be a security problem.