Mobile ad company InMobi is facing a $4m fine from the Federal Trade Commission (FTC) for allegedly violating the Children's Online Privacy Protection Act by collecting geolocation data from young children.
According to the FTC, the Singapore-based company - which claims its mobile ad network reaches more than one billion mobile devices - has been illegally collecting location data from “hundreds of millions” of consumers, including young children.
The Federal Trade Commission, an independent agency of the United States government, claimed InMobi “undermined consumers’ ability to make informed decisions about their location privacy and to control the collection and use of their location information”.
The agency said that the company tracked consumers' locations and served them with geo-targeted ads despite efforts by consumers to restrict access to their location data. The company apparently circumvented restrictions put in force by consumers by collecting information about WiFi networks that consumers connected to, or that were nearby.
In a statement InMobi admitted it "inferred" users' locations through WiFi data, and said in the future it will only use WiFi information when serving location based targeted advertising campaigns “when an app user has authorized the app to collect and transmit the same”.
What’s more, the company’s software allegedly tracked location in apps directed at children younger than 13, without obtaining a parent’s consent, therefore violating the Children's Online Privacy Protection Act.
The Act prohibits the collection of "personally identifiable" information from children under 13 without their parents' permission, which includes geolocation data.
The FTC settlement with InMobi provides for a $4 million fine, with all but $950,000 suspended. InMobi has agreed to destroy the geolocation data it collected, and will establish a privacy program and submit to biennial audits for the next 20 years.