Popular flashlight app has been secretly sharing location data with advertisers
How ‘free’ are free apps? As the old adage goes, “There’s no such thing as a free lunch.” The (hopefully obvious) truth is that most developers don’t create free apps out of the kindness of their hearts, they do it to make money. For some developers, that means in-app purchases. For others, they make you endure various types of ads.
In the case of Brightest Flashlight, it turns out that they make their money not just through ads, but also by selling specific data location and device ID information to 3rd party advertisers. The situation first came to light (pun intended) after the FTC received a complaint about privacy concerns with the app. This led the FTC to further investigate the manner.
The big takeaway here is that you should always read app permissions before installing.
What’s even more interesting is that this app was highly rated with a 4.8, and has been downloaded more than 50 to 100 million times. Now to be honest, there are probably some folks that might not care about their information being sold to advertisers as long as the app itself is good. For those that value their privacy however, this is a pretty big invasion of it.
Now you could say that folks that are concerned about privacy should carefully examine app permissions before installing, and we’d certainly agree. The fact that the flashlight app required all sorts of special permissions should have been a pretty big red flag.
The real problem though is that the app’s maker went out of its way to deceive folks by stating that these special permissions would only be used for internal purposes, even though they ended up selling the information without permission. Furthermore, the FTC says the app had an “opt out” option but the truth is that the opting out didn’t stop the information from being shared.
[quote qtext=”When consumers are given a real, informed choice, they can decide for themselves whether the benefit of a service is worth the information they must share to use it. But this flashlight app left them in the dark about how their information was going to be used.” qperson=”Jessica Rich” qsource=”Director of the FTC’s Bureau of Consumer Protection” qposition=”center”]
The good news is that the FTC has since reached a settlement with GoldenShores Technologies (the app developer) to provide more control over location sharing and is forcing them to be more transparent about what they do with the data they collect. The app developer is also required to delete all previously collected data as part of their settlement with the FTC.
The big takeaway here is that you should always read app permissions and if anything seems even slightly suspicious, you might want to look elsewhere.