FTC Warns Android Devs Not To Track Users Without Disclosure, Opt-Out Option
The Federal Trade Commission (FTC) sent a warning letter to twelve Android app developers that they are violating the FTC Act by using technology that can surreptitiously listen to audio signals from TVs to create profiles of what their users are watching.
The twelve companies are using technology from SilverPush, an Indian-based company that claimed that its software doesn’t target U.S. citizens. Silverpush’s technology listens to embedded signals in television ads that are inaudible to humans, to discover who is seeing what ads.
The FTC’s main problem with this technology is that the developers embedded it into their apps without disclosing it to their users. Another problem is that the audio tracking can run even when the app that contains the tracking code isn’t open.
The FTC is also picking on the developers for asking for microphone access when the apps don’t have any features that would use it:
“For example, the code is configured to access the device’s microphone to collect audio information even when the application is not in use. Moreover, your application requires permission to access the mobile device’s microphone prior to install, despite no evident functionality in the application that would require such access,” said the FTC in a letter to the twelve Android app developers.
It seems that the Center for Democracy and Technology (CDT) was the one to warn the FTC about SilverPush’s tracking technology last fall. In its own letter to the FTC, the CDT complained that users also don’t have an option to opt out of this cross-device tracking.
“These apps were capable of listening in the background and collecting information about consumers without notifying them,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “Companies should tell people what information is collected, how it is collected, and who it’s shared with,” she added.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
It doesn’t look like the FTC will punish the companies for this behavior for now, but it will watch to see if they continue to avoid disclosure about the tracking technology to their customers. The agency also didn’t want to name who the twelve companies were.
Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.
-
Achoo22 Thank God that some common-sense rules are being put into play. The industry completely failed to regulate itself and this is hopefully just the first of many steps to return control to device owners.Reply -
braneman Isn't this pretty much what Android is designed to do? Or pretty much any mobile operating system/Windows 10?Reply -
abbadon_34 So just these twelve? Everyone else is ok to spy? Wouldn't want to step on the toes of those big contributors and hurt their shareprices.Reply -
falchard I think this is FTC testing the waters. The big dilemma for a US regulatory agency in policing the Internet is that a lot of companies are foreign and they have no authority over them. If they can get the foreign companies to comply they can jump right in.Reply -
knowom I don't see the problem how is this any different than what the NSA has been doing for years? privacy haha that's a joke not on the internet doesn't existReply -
chicofehr This I one of the reasons I use a blackberry 10 device. I can't stand anyone trying to spy on me with their apps.Reply -
hst101rox A list of some apps that use Silverpush https://public.addonsdetector.com/silverpush-android-apps/Reply -
kunstderfugue It's already a red light signal if an app is asking for control over a feature it doesn't use. Like a flashlight app asking for your location or contacts. It's good the Google Play Store tells you exactly which features an app will have access to.Reply -
Brian28 Isn't this pretty much what Android is designed to do? Or pretty much any mobile operating system/Windows 10?
In Android, at least they would have to request the Microphone Permission prior to install. But most users do not think to read the fine print.