According to a report by the Federal Trade Commission, a popular free flashlight app, Brightest Flashlight Free, has been selling Android users’ location data to advertisers right under our noses.
Despite an option within the app to disable the location sharing feature, which was promised to be anonymized and used only by the developer, Brightest Flashlight was locating users and, paired with a unique device ID, selling that data to advertisers.
The FTC report, which was issued only after the Commission settled the dispute with the developer, “alleges that the company deceived consumers by presenting them with an option to not share their information, even though it was shared automatically rendering the option meaningless.”
The report points out that consumers of apps must be aware of the permissions associated with each download, and make informed choices about which developers to trust. Android is a much less regulated environment than iOS, BlackBerry or Windows Phone, making it especially easy for developers to take advantage of the wealth of user data at their fingertips. Why a flashlight app needed to collect users’ location data should have been at the top every Android users’ mind when downloading the app.
While this is not the first Android app to run afoul of Google’s terms of service, its seemingly innocuous nature exposes the potential risks of using an app that says one thing but does another. In this case, Brightest Flashlight Free does apparently live up to its claim of being an excellent flashlight app; it just turns out that we, the users, were the product, not the customers.
The app’s developers, Goldenshores Technologies, are prohibited from misrepresenting their apps in the future, but this is unlikely to be the last time we hear of a free app misusing peoples’ location data. Apple makes it much more difficult for developers to do the same thing, and has even banned the use of UDIDs for advertising purposes. It’s unlikely Goldenshore was selling users’ location data to advertisers for nefarious purposes, but the fact remains that we didn’t know, and were mislead, and that’s what caused the FTC investigation.