FTC Warns Android Devs Not To Track Users Without Disclosure, Opt-Out Option

The Federal Trade Commission (FTC) sent a warning letter to twelve Android app developers that they are violating the FTC Act by using technology that can surreptitiously listen to audio signals from TVs to create profiles of what their users are watching.

The twelve companies are using technology from SilverPush, an Indian-based company that claimed that its software doesn’t target U.S. citizens. Silverpush’s technology listens to embedded signals in television ads that are inaudible to humans, to discover who is seeing what ads.

The FTC’s main problem with this technology is that the developers embedded it into their apps without disclosing it to their users. Another problem is that the audio tracking can run even when the app that contains the tracking code isn’t open.

The FTC is also picking on the developers for asking for microphone access when the apps don’t have any features that would use it:

“For example, the code is configured to access the device’s microphone to collect audio information even when the application is not in use. Moreover, your application requires permission to access the mobile device’s microphone prior to install, despite no evident functionality in the application that would require such access,” said the FTC in a letter to the twelve Android app developers.

It seems that the Center for Democracy and Technology (CDT) was the one to warn the FTC about SilverPush’s tracking technology last fall. In its own letter to the FTC, the CDT complained that users also don’t have an option to opt out of this cross-device tracking.

“These apps were capable of listening in the background and collecting information about consumers without notifying them,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “Companies should tell people what information is collected, how it is collected, and who it’s shared with,” she added.

It doesn’t look like the FTC will punish the companies for this behavior for now, but it will watch to see if they continue to avoid disclosure about the tracking technology to their customers. The agency also didn’t want to name who the twelve companies were.

Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.

Follow us on Facebook, Google+, RSS, Twitter and YouTube.

Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.

Latest

Raspberry Pi brings GitHub's Octocat to life, with tentacles that wiggle

Asus' 8K Mini LED ProArt display is the king of new ultra high-end professional monitors — 1200 nits and 4096 lighting zones

Official render of the Minisforum V3 in use, connected to a docking station.

Minisforum V3 tablet arrives — the world's first AMD Ryzen 7 8840U-powered Surface clone

See more latest ►

10 Comments Comment from the forums

Achoo22

Thank God that some common-sense rules are being put into play. The industry completely failed to regulate itself and this is hopefully just the first of many steps to return control to device owners.
Reply
braneman

Isn't this pretty much what Android is designed to do? Or pretty much any mobile operating system/Windows 10?
Reply
abbadon_34

So just these twelve? Everyone else is ok to spy? Wouldn't want to step on the toes of those big contributors and hurt their shareprices.
Reply
scubadog40

They are always watching you and know just what your doing you can believe that!
Reply
falchard

I think this is FTC testing the waters. The big dilemma for a US regulatory agency in policing the Internet is that a lot of companies are foreign and they have no authority over them. If they can get the foreign companies to comply they can jump right in.
Reply
knowom

I don't see the problem how is this any different than what the NSA has been doing for years? privacy haha that's a joke not on the internet doesn't exist
Reply
chicofehr

This I one of the reasons I use a blackberry 10 device. I can't stand anyone trying to spy on me with their apps.
Reply
hst101rox

A list of some apps that use Silverpush https://public.addonsdetector.com/silverpush-android-apps/
Reply
kunstderfugue

It's already a red light signal if an app is asking for control over a feature it doesn't use. Like a flashlight app asking for your location or contacts. It's good the Google Play Store tells you exactly which features an app will have access to.
Reply
Brian28

Isn't this pretty much what Android is designed to do? Or pretty much any mobile operating system/Windows 10?
In Android, at least they would have to request the Microphone Permission prior to install. But most users do not think to read the fine print.
Reply

Show more comments

Stay on the Cutting Edge

Most Popular