Partner links

Android Flashlight app deceptively collected and sold location data

Zemanta Related Posts Thumbnail

Brightest Flashlight Free is an Android app developed by GoldenShores Technologies, LLC that turned an Android smartphone into a flashlight.

It was first released on Google Play (then known as Android Market) on February 15, 2011. By the first week of March of the same year, it had recorded more than 100,000 downloads globally. It has since been downloaded tens of millions of times. Users really like free apps, especially if it serves a very useful purpose.

But as the saying goes, if a product is free, you – the user – are the real product. And that was true with Brightest Flashlight Free. The app (or the company, if it makes any difference) was collecting and selling the precise location and device id of its users to advertising networks. The problem: Users were not aware that the selling part was going on. In fact, they were told that their geolocation data will not be shared with advertising networks.

That’s a deceptive practice. So the Federal Trade Commission (FTC) got involved.
Android Brightest Flashlight app

According to the FTC report on the case, GoldenShores Technologies, through the app’s privacy policy:

…Told consumers that any information collected by the Brightest Flashlight app would be used by the company, and listed some categories of information that it might collect. The policy, however, did not mention that the information would also be sent to third parties, such as advertising networks.

Consumers also were presented with a false choice when they downloaded the app, according to the complaint. Upon first opening the app, they were shown the company’s End User License Agreement, which included information on data collection. At the bottom of the license agreement, consumers could click to “Accept” or “Refuse” the terms of the agreement. Even before a consumer had a chance to accept those terms, though, the application was already collecting and sending information to third parties – including location and the unique device identifier.

That is the type of stunt that LG was pulling with their smart TV. See Smart TV, Spy TV. Is that LG Smart TV spying on you?.

So what’s GoldenShores Technologies punishment for such a fraudulent and deceptive practice? I wouldn’t call it a punishment, more like a slap on the wrist. Aside from a fine that could be no more than $16,000 USD, the company is also prohibited:

…From misrepresenting how consumers’ information is collected and shared and how much control consumers have over the way their information is used. The settlement also requires the defendants to provide a just-in-time disclosure that fully informs consumers when, how, and why their geolocation information is being collected, used and shared, and requires defendants to obtain consumers’ affirmative express consent before doing so.

The defendants also will be required to delete any personal information collected from consumers through the Brightest Flashlight app.

That’s not enough. Companies ought to pay a very severe financial penalty for fraudulent practices.

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Partner links

Newsletter: Subscribe for updates

Subscribe
Notify of
guest
1 Comment
Inline Feedbacks
View all comments
Nick
8 years ago

“Companies ought to pay a very severe financial penalty for fraudulent practices.”

But then the powers that be would have to be accountable to the same principles!

NNnoooo, not going to happen!

Get the latest

On social media

Security distros

Hacker
Linux distros for hacking and pentesting

Crypto mining OS

Bitcoin
Distros for mining bitcoin and other cryptocurrencies

Crypto hardware

MSI GeForce GTX 1070
Installing Nvidia GTX 1070 GPU drivers on Ubuntu

Disk guide

LVM
Beginner's guide to disks & disk partitions in Linux

Bash guide

Bash shell terminal
How to set the PATH variable in Bash
Categories
Archives
1
0
Hya, what do you think? Please comment.x
()
x