Android Flashlight App Developer Settles FTC Claims of Sending Data to Third Parties

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Dec. 5 --A developer of a flashlight application for Android mobile devices has agreed to settle Federal Trade Commission charges that it failed to disclose to consumers that the app transmits geolocation information and device identifiers to third parties, according to a proposed administrative consent order released Dec. 5 (In re Goldenshores Techs., LLC, FTC, File No. 132 3087, proposed consent order 12/5/13).

The settlement with Moscow, Idaho-based Goldenshores Technologies LLC and Eric M. Geidl, its managing member, would require them to provide just-in-time notice to consumers explaining how their geolocation information is being collected, used and shared, and it would require them to obtain consumers' affirmative express consent before collecting and sharing such information, the FTC explained in a Dec. 5 statement announcing the settlement.

“When consumers are given a real, informed choice, they can decide for themselves whether the benefit of a service is worth the information they must share to use it,” Jessica Rich, director of the FTC's Bureau of Consumer Protection, said in the statement. “But this flashlight app left them in the dark about how their information was going to be used.”

Downloaded Millions of Times

According to the FTC's draft administrative complaint, the defendants' “Brightest Flashlight Free” mobile app has been downloaded “tens of millions of times via Google Play.” The app activates all of the lights on a mobile device to provide illumination, the FTC explained.

The defendants' privacy policy, however, “does not disclose or adequately disclose to consumers that the Brightest Flashlight App transmits or allows the transmission of device data, including precise geolocation along with persistent device identifiers, to third parties, including advertising networks,” the commission said in the complaint.

After a user downloads the app, the app requires the user to either “Accept” or “Refuse” an end-user license agreement (EULA), according to the FTC. “In fact, while consumers are viewing the Brightest Flashlight EULA, the application transmits or causes the transmission of their device data, including the device's precise geolocation and persistent identifier, even before they accept or refuse the terms of the EULA,” the commission said.

The FTC alleged that these actions constitute unfair or deceptive acts or practices in violation of Section 5 of the FTC Act, 15 U.S.C. § 45.

In addition to the notice and consent requirements, the proposed settlement would prohibit the defendants from misrepresenting to consumers how their information is collected and shared and how much control consumers have over that information. It would also require the defendants to delete the personal information of the app users within 10 days of the entry of the order.

The commission is accepting comments on the proposed consent agreement package through Jan. 6, 2014.

Kerry O'Brien and Sarah Schroeder, of the FTC, in San Francisco, represented the commission. Samuel T. Creason, of Creason, Moore, Dokken and Geidl PLLC, in Lewiston, Idaho, represented the defendants.

The proposed agreement containing consent order is available at

The FTC's draft administrative complaint is available at

Request Bloomberg Law: Privacy & Data Security