FTC Hits Pair of Data Brokers for Unlawfully Tracking and Selling Consumer Data
The Federal Trade Commission said it has issued an order prohibiting data brokers Mobilewalla and Gravy Analytics from selling consumer data without consent—including location information related to visits to healthcare facilities, places of worship, and participation in protests.
According to the FTC, Atlanta-based Mobilewalla from 2018 to June 2020 collected hundreds of millions of consumer identifiers from advertising bidding exchanges and third-party aggregators that contained precise location data that was not anonymized. Mobilewalla sold access to the data to third parties, including advertisers, data brokers and analytic firms. The FTC alleged Mobilewalla “unfairly” collected data from the exchanges when it placed an ad for clients, even if it did not have a winning bid.
“Mobilewalla collected massive amounts of sensitive consumer data – including visits to health clinics and places of worship – and sold this data in a way that exposed consumers to harm,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, in a statement. “The FTC is acting today to stop these invasive practices and protect the public from always-on surveillance.”
For example, according to the FTC, Mobilewalla allegedly collected location data from women who visited pregnancy centers. The information was used to build audience segments targeting pregnant women. Mobilewalla also “used audience segments to create a June 2020 report analyzing people who protested the death of George Floyd and determined the protesters’ racial backgrounds and whether they lived in the cities in which they protested,” said the FTC.
Mobilewalla allegedly violated the FTC Act by selling consumers’ sensitive location data; selling audience segments of consumers for marketing and other purposes based on sensitive characteristics; collecting and retaining sensitive data from advertising exchanges; collecting and using data without taking reasonable steps to verify consumers’ consent; and retaining raw consumer location information indefinitely, FTC said.
“Mobilewalla respects consumer privacy and has been evolving our privacy protections throughout our history as a company,” said a company spokesperson via email. “While we disagree with many of the FTC’s allegations and implications that Mobilewalla tracks and targets individuals based on sensitive categories, we are satisfied that the resolution will allow us to continue providing valuable insights to businesses in a manner that respects and protects consumer privacy.”
Meanwhile, Ashburn, Virginia-based Gravy Analytics and its subsidiary Venntel, allegedly sold sensitive consumer location data collected without consent for commercial and government uses, the FTC said. The data contained sensitive information such as health or medical decisions, political activities, and religious viewpoints—derived from consumers’ location data using geofencing, which the FTC said creates a virtual geographical boundary, to identify and sell lists of consumers.
“Surreptitious surveillance by data brokers undermines our civil liberties and puts servicemembers, union workers, religious minorities, and others at risk,” said Levine.
Under proposed orders to settled FTC complaints against the companies, Gravy Analytics and Venntel will be prohibited from selling, disclosing, or using sensitive location data in any product or service. Mobilewalla is prohibited from selling sensitive location data, including data that reveals the identity of an individual’s private home, the FTC said. The data broker is “prohibited from using, transferring, selling and disclosing sensitive location data from health clinics, religious organizations, correctional facilities, labor union offices, LGBTQ+-related locations, political gatherings and military installations.”
An attempt to reach Gravy Analytics was not immediately successful.
The Consumer Financial Protection Bureau has also looked to “rein in data brokers” with a proposed rule to limit the sale of sensitive personal identifiers that could be used to target, harass, or dox people.
“By selling our most sensitive personal data without our knowledge or consent, data brokers can profit by enabling scamming, stalking, and spying,” said CFPB Director Rohit Chopra in a Dec. 3 statement. “The CFPB’s proposed rule will curtail these practices that threaten our personal safety and undermine America’s national security.”
- Florida Citizens Policy Count Dips Below 1 Million for First Time in Two Years
- Judge Says Southwest Must Face Bias Claims Over Free Flights for Hispanic Students
- FEMA Drops Hammer on Fort Myers Beach After Improper Rebuilding in Flood Area
- T-Mobile Engineers Spotted Hackers Running Commands on Routers