Location

The U.S. Federal Trade Commission (FTC) continues to target data brokers, this time in a settlement with InMarket Media, which bans the company from selling Americans' precise location data.

InMarket is a Texas-based data aggregation company specializing in collecting and analyzing people's location data. The company gathers location information from various sources, including its own applications (CheckPoints and ListEase) and numerous third-party apps that incorporate its software development kit (SDK).

"The InMarket Apps have been downloaded onto over 30 million unique devices since 2017," reads the FTC complaint against InMarket Media.

"Respondent also makes the InMarket SDK available to third party app developers, and it has been incorporated into more than 300 such apps which have been downloaded onto over 390 million unique devices since 2017."

InMarket uses data collected from the apps to build advertising profiles that the company's customers use to deliver targeted ads in the mobile apps.

The FTC complaint says InMarket maintains 2,000 categories of distinct "audiences" which tracked people fall into, including "Christian churchgoers," "wealthy and not healthy," and "parents of preschoolers."

The FTC alleges that the tracked individuals have not consented to be tracked or for their sensitive data to be used for targeted advertising on the apps incorporating its SDK.

The U.S. agency explains that many of those 3rd party apps may not even be aware that their users' location data is combined with information from other sources to create detailed profiles.

Ultimately, the FTC deems InMarket's five-year data retention policy overly excessive for targeted advertising, significantly elevating the risk of misuse and exposure.

For all these reasons, the FTC has taken action against InMarket to prevent further proliferation of the abuse and to protect American customers from rampant location tracking.

"Under the proposed order, InMarket will also be prohibited from selling, licensing, transferring, or sharing any product or service that categorizes or targets consumers based on sensitive location data." reads an FTC announcement.

In addition to the ban on selling people's location data, FTC also proposes the following measures to be imposed on InMarket:

  • Delete location data and products unless consented or anonymized.
  • Simplify consent withdrawal and data deletion processes.
  • Alert consumers about FTC actions and offer opt-out/deletion options.
  • Collect and use location data only with explicit consent.
  • Create a program to protect sensitive location data.
  • Ensure SDK partners obtain proper consumer consent.
  • Enforce a strict privacy policy and data retention plan.

For the complete details of the proposed order, check the document published by FTC here.

This is the second case within the month in which the FTC is taking action to protect people's location data from data brokers and marketers.

Previously, the U.S. government agency issued an order barring X-Mode Social from selling and licensing precise location data sourced from its own and third-party apps using its SDK.

Related Articles:

FTC files complaint against Adobe for deceptive cancellation practices

Data firm execs convicted for helping fraudsters target the elderly

Infostealer malware logs used to identify child abuse website members

U.S. indicts Russian GRU hacker, offers $10 million reward

Four FIN9 hackers indicted for cyberattacks causing $71M in losses