The Serious Reason Why The FTC Is Suing A Major Data Firm

The Federal Trade Commission (FTC) is suing a large data firm for a serious reason the affects the privacy of US citizens.

By Charlene Badasie | Published

This article is more than 2 years old

FTC twitter elon musk amazon facebook groups home depot tiktok tesla social media

Earlier this week, The Federal Trade Commission (FTC) filed a lawsuit against data broker Kochava Inc. for selling geolocation data from hundreds of millions of mobile devices. The independent agency, whose principal mission is the enforcement of civil U.S antitrust law and the promotion of consumer protection, said the stolen information can be used to trace the movements of individuals to and from sensitive locations. This includes private visits to abortion clinics, domestic abuse shelters, places of worship, mental health facilities, and more.

The lawsuit is a dramatic move from the FTC in the post-Roe United States. It signals that the agency is not afraid to take drastic steps against alleged privacy violations around reproductive health and location data. “Defendant’s violations are in connection with acquiring consumers’ precise geo-location data and selling the data in a format that allows entities to track their movements to and from sensitive locations,” the court papers read.

According to Vice, the FTC includes a screenshot of Kochava data available for sale through an Amazon Web Services marketplace. The information includes the unique Mobile Advertising ID linked to a device (either an IDFA for Apple devices or an ADID for Android) as well as its precise GPS coordinates for a particular point in time. The lawsuit also explains the firm’s shockingly simple process. “A purchaser could use an ordinary personal email address and describe the intended use as business.” Approved requests are available within 24 hours.

The FTC adds that one day of the sample information included over 327,480,00 rows and 11 columns of data regarding over 61 million unique devices. The sample also included precise location data gathered in the seven days before the request was approved. “As a result, it becomes possible to identify a mobile device that visited a women’s reproductive health clinic and trace that device to a single-family residence,” the complaint continued. The data set also reveals the user’s routine and can identify medical professionals who perform, or assist in the performance, of abortion services.

Kochava Ine remains defiant, however, saying that the lawsuit shows the unfortunate reality that the FTC has a fundamental misunderstanding of its data marketplace business. In a statement to arsTechnica, the firm insisted that it operates consistently and proactively in compliance with all rules and laws, including those specific to privacy. Before the legal proceedings, the company also claims to have taken the proactive step of announcing a new capability to block geo data from sensitive locations via Privacy Block.

The move would effectively remove that data from the marketplace, and is currently in the implementation process of adding that functionality. “Absent specificity from the FTC, we are constantly monitoring and proactively adjusting our technology to block geo data from other sensitive locations,” the statement continued. Kochava added that it sources 100% of the geo data in its data marketplace from third-party data brokers all of whom represent that the data comes from consenting consumers. Meanwhile, The Federal Trade Commission declined to comment on why it targeted Kochava specifically.