Android Flashlight app deceptively collected and sold location data

Brightest Flashlight Free is an Android app developed by GoldenShores Technologies, LLC that turned an Android smartphone into a flashlight.

It was first released on Google Play (then known as Android Market) on February 15, 2011. By the first week of March of the same year, it had recorded more than 100,000 downloads globally. It has since been downloaded tens of millions of times. Users really like free apps, especially if it serves a very useful purpose.

But as the saying goes, if a product is free, you – the user – are the real product. And that was true with Brightest Flashlight Free. The app (or the company, if it makes any difference) was collecting and selling the precise location and device id of its users to advertising networks. The problem: Users were not aware that the selling part was going on. In fact, they were told that their geolocation data will not be shared with advertising networks.

That’s a deceptive practice. So the Federal Trade Commission (FTC) got involved.
Android Brightest Flashlight app

According to the FTC report on the case, GoldenShores Technologies, through the app’s privacy policy:

…Told consumers that any information collected by the Brightest Flashlight app would be used by the company, and listed some categories of information that it might collect. The policy, however, did not mention that the information would also be sent to third parties, such as advertising networks.

Consumers also were presented with a false choice when they downloaded the app, according to the complaint. Upon first opening the app, they were shown the company’s End User License Agreement, which included information on data collection. At the bottom of the license agreement, consumers could click to “Accept” or “Refuse” the terms of the agreement. Even before a consumer had a chance to accept those terms, though, the application was already collecting and sending information to third parties – including location and the unique device identifier.

That is the type of stunt that LG was pulling with their smart TV. See Smart TV, Spy TV. Is that LG Smart TV spying on you?.

So what’s GoldenShores Technologies punishment for such a fraudulent and deceptive practice? I wouldn’t call it a punishment, more like a slap on the wrist. Aside from a fine that could be no more than $16,000 USD, the company is also prohibited:

…From misrepresenting how consumers’ information is collected and shared and how much control consumers have over the way their information is used. The settlement also requires the defendants to provide a just-in-time disclosure that fully informs consumers when, how, and why their geolocation information is being collected, used and shared, and requires defendants to obtain consumers’ affirmative express consent before doing so.

The defendants also will be required to delete any personal information collected from consumers through the Brightest Flashlight app.

That’s not enough. Companies ought to pay a very severe financial penalty for fraudulent practices.

Related Posts

Help Mandriva choose a name for its community distribution Mandriva is in the final stages of launching the community edition of Mandriva Linux. And they are asking for your input - to help choose a name for t...
What the heck is Fog Computing? While many are still trying to figure out Cloud Computing, here comes a rival concept - Fog Computing. It's computing that takes place at the edge of ...
Mozilla to sell ads in Firefox browser via the Directory Tiles program Mozilla has plans to start showing ads to first-time users of the Firefox browser. For the target group of users, the ads will appear alongside other ...
SlateBook x2: Tegra 4-powered Android hybrid The Tegra 4-powered SlateBook x2 running Android Jelly Bean (4.2.2) is the latest split-personality portable computer from HP. Detailed hardware s...
World’s smallest 4 megapixel USB3 vision camera and Tux, the Linux mascot Ximea just announced the world's smallest 4 megapixel USB3 vision industrial high-speed camera. Measuring just 26.4 x 26.4 x 21.6-mm, it is the latest...
Administrations sponsor extension of open source network monitoring tool Several public administrations in Spain are sponsoring the development of Zorb, an open source extension to Nagios, an open source network monitoring ...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

One Comment

  1. “Companies ought to pay a very severe financial penalty for fraudulent practices.”

    But then the powers that be would have to be accountable to the same principles!

    NNnoooo, not going to happen!

Leave a Comment

Your email address will not be published. Required fields are marked *