Get updates by email

Select Specific Blog Updates

Paul Zimmerman

Photo of M&R Blog

hxdbzxy  ©

Mobile Advertising Company Settles FTC Charges It Tracked Consumers’ Locations Without Permission

InMobi, a Singapore-based mobile advertising company that allegedly tracked the locations of hundreds of millions of consumers – including children – without consent, will pay $950,000 in civil penalties and implement a comprehensive privacy program to settle Federal Trade Commission (FTC) charges. While InMobi claimed that its software collected geographical whereabouts only when end users provided opt-in consent, the FTC contends that the software in fact used nearby Wi-Fi signals to infer locations when permission was not expressly given.

The FTC alleges that InMobi misrepresented that its advertising software would only track consumers’ locations when they opted in, and in a manner consistent with their device’s privacy settings. According to the complaint, InMobi was actually tracking consumers’ locations whether or not the apps using InMobi’s software asked for consumers’ permission to do so, and even when consumers had already denied permission to access their location information.

InMobi, whose advertising network has reached more than one billion devices worldwide through thousands of popular apps, offers multiple forms of location-based advertising to its customers. Services include the ability to direct ads toward consumers based on their current locations, locations they visit at certain times, and on their location over time. The complaint further alleges that inMobi created a database built on information collected from consumers who allowed the company access to their geolocation information, combining that data with the wireless networks they were near to document the physical location of wireless networks themselves. The FTC claims that InMobi would then use that database to infer the physical location of consumers based on the networks they were near, even when consumers had turned off location collection on their device.

The FTC alleges that InMobi also violated the Children’s Online Privacy Protection Act (COPPA) by collecting this information from apps that were clearly directed at children, in spite of promising that it did not do so. The complaint noted that InMobi’s software tracked location in thousands of child-directed apps with hundreds of millions of users without following the steps required by COPPA to secure a parent or guardian’s consent to collect and use a child’s personal information.

As a best business practice, companies in the mobile advertising space should obtain consumers' affirmative express consent before they collect location-based information. Furthermore, companies must carefully honor all consumers’ location privacy settings. Lastly, companies should consider working with qualified counsel to develop and implement a comprehensive privacy program that ensures compliance with all applicable rules and regulations.

This blog post is not offered as, and should not be relied on as, legal advice. You should consult an attorney for advice in specific situations.