The U.S. Federal Trade Commission (FTC) has imposed restrictions on InMarket Media, a Texas-based data broker, preventing it from selling or licensing precise location data without consumer consent. This action follows allegations that InMarket Media failed to inform or seek consent from users before utilizing their location information for advertising and marketing purposes. The settlement also mandates the deletion of all previously collected location data contingent on users’ approval and requires the establishment of a mechanism for consumers to withdraw consent and request the deletion of their data. InMarket Media is the second data aggregator to face such a ban in recent weeks, following Outlogic (formerly X-Mode Social).
InMarket Media’s data collection involves harvesting location information from its proprietary apps like CheckPoints and ListEase, along with over 300 third-party applications that integrate its software development kit (SDK). This data, which includes precise latitude, longitude, timestamp, and unique mobile device identifiers, is used to categorize consumers into nearly 2,000 segments based on their visited locations. The company serves tailored ads on apps that incorporate its SDK, and it also offers a product that delivers ads to consumers based on their current whereabouts. The FTC complaint highlighted InMarket’s inadequate efforts to ensure third-party apps embedding its SDK obtained users’ explicit consent and its failure to notify them that location data would be combined with other information to create consumer profiles.
The settlement requires InMarket Media to establish a sensitive location data program, preventing the use, sale, or transfer of products or services categorizing or targeting consumers based on sensitive location data. The FTC also criticized InMarket’s five-year data retention policy as unnecessary and potentially putting customers at risk. This development aligns with increased regulatory scrutiny on data brokers and their handling of sensitive information, emphasizing the importance of user consent and privacy protections in the collection and use of location data.
