By Nathalie Voit
The Federal Trade Commission (FTC) is suing data broker Kochava Inc. for putting consumers’ personal whereabouts at risk.
According to a press release filed by the agency on Aug. 29, Kochava allegedly sold consumers’ sensitive geolocation information to bidders. The sold data revealed consumers’ precise whereabouts, including visits to reproductive health clinics, places of worship, homeless and domestic violence shelters, and addiction recovery facilities.
The FTC said the Idaho-based data broker put peoples’ privacy at risk and exposed them to threats of stigma, stalking, discrimination, job loss, and even physical violence when it sold tracking data from hundreds of millions of mobile devices to purchasers without consumers’ consent.
The agency also claims Kochava was reckless with the information it had in hand.
“Kochava employs no technical controls to prohibit its customers from identifying consumers or tracking them to sensitive locations,” the FTC’s complaint states. “For example, it does not employ a blacklist that removes from or obfuscates in its data set location signals around sensitive locations including, among others, locations associated with medical care, reproductive health, religious worship, mental health, temporary shelters, such as shelters for the homeless, domestic violence survivors, or other at-risk populations, and addiction recovery.”
“The sale of such data poses an unwarranted intrusion into the most private areas of consumers’ lives and causes or is likely to cause substantial injury to consumers,” the lawsuit states.
Until at least June of this year, the FTC said Kochava allowed anyone with minimal effort to obtain a large sample of sensitive data and use it without restriction. The data sample the agency analyzed included precise, timestamped location information gathered from more than 61 million unique mobile devices.
The lawsuit seeks to halt the distribution of the data and would order Kochava to delete the sensitive geolocation information it has collected.