FTC Takes Action Against Data Brokers Selling Sensitive Information

Monday - January 15 2024, 15:30 UTC - 10 months ago

In 2024, major privacy violations are making headlines, with the FTC taking action against a data broker for selling sensitive location data. This move could signal more aggressive action from policy makers. Experts believe this could set a precedent for future cases against data brokers.

It's only a few weeks into 2024, and already the issue of privacy violations is making major headlines. The first to make waves was the continued drama surrounding the 23andMe data breach, followed by a major financial software company being shut down for inappropriately using private information. But the most recent news has taken things to a new level – the FTC has taken an unprecedented step and banned a data broker from selling people's location data.

This move is significant, as it could potentially lead to more aggressive action from policy makers to curb the corrosive effects that data brokers have on personal privacy. These companies, which are often shrouded in secrecy, operate in a relatively new industry and therefore aren't subject to many regulations. It has been a point of interest to see how lawmakers and other government actors have responded to these companies over the past few years.

One major factor that has put data brokers under intense scrutiny is the Supreme Court's decision to eliminate the legal right to abortion in 2022. Following the Dobbs decision, many Democrats expressed concerns that data brokers would track and sell data about sensitive locations, such as doctor's offices and abortion clinics. In response, President Joe Biden issued an executive order in July 2022 directing federal agencies to increase privacy protections related to reproductive care.

This week, the FTC announced that it was banning Outlogic, formerly known as X-Mode Social, from sharing and selling users' sensitive information. Specifically, the ban includes precise location data that tracks people's visits to places like medical clinics. The agency also required that Outlogic delete all previous location data it had collected. The FTC has accused the company of not adequately protecting geolocation data about sensitive locations, violating consumer privacy, and failing to implement safeguards on the use of sensitive information by third parties. Outlogic, however, maintains that it did not misuse location data and has always prohibited customers from associating its data with sensitive locations.

In a statement to Reuters, FTC chair Lina Khan stated, "By securing a first-ever ban on the use and sale of sensitive location data, the FTC is continuing its critical work to protect Americans from intrusive data brokers and unchecked corporate surveillance." This action could be a sign of more to come for the industry.

Justin Sherman, an adjunct professor at Duke's Sanford School of Public Policy and the head of a project focusing on the data broker industry, believes that the FTC's action is significant due to the prohibitions placed on Outlogic. This goes beyond just monetary fines and bar the company from selling data about sensitive locations. Sherman also notes that the FTC's focus on the sensitivity of certain locations is reminiscent of their ongoing lawsuit against data broker Kochava. The FTC is suing Kochava on the grounds that it provides data that allows companies to track and target military members with advertisements.

Overall, the FTC's action against Outlogic could set a precedent for future cases against data brokers. As the importance of personal privacy continues to gain attention, it is likely that we will see more aggressive measures being taken against companies that violate it.