Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its subsidiary Arity, accusing them of illegally collecting, using, and selling location and movement data from over 45 million Americans without their consent. The lawsuit claims that Arity’s software, embedded in mobile apps, tracks users’ driving data and sells it to insurers, including Allstate. This software collects detailed information, including GPS data, accelerometer data, and even the consumer’s actions, such as whether they picked up their phone while driving. The software is alleged to track the consumer’s location and movements in real-time without providing proper notice or obtaining consent from the users.
The lawsuit also targets Arity’s failure to register as a data broker with the state:
The lawsuit also targets Arity’s failure to register as a data broker with the state, in violation of Texas’ Data Broker Law. Paxton also accuses Arity and Allstate of breaching the Texas Insurance Code by engaging in unfair and deceptive practices. Texas’ Data Privacy and Security Act, which took effect in July 2023, was also violated by the companies, marking this lawsuit as the first enforcement of the law. The complaint claims that Arity’s software secretly gathers sensitive data from consumers and shares it with Allstate and other insurers, potentially raising consumers’ insurance premiums based on the driving behavior of others.
Arity has allegedly paid millions of dollars to mobile app developers to install its tracking software on users’ phones, often without their knowledge. The data collected includes not only location but also specific trip attributes such as the start and end times of trips, acceleration, and braking events. Allstate then uses this data to adjust premiums for existing customers and generate inflated quotes for prospective customers. Additionally, the complaint highlights that Arity markets itself as providing insurers with a driving behavior database, which is built using data gathered from mobile phones and connected vehicles.
In response, Texas is seeking monetary damages and demands that Arity delete the data it has collected illegally. The lawsuit also asks for the company to stop gathering and selling such data and provide restitution to affected consumers. This legal action follows earlier warnings issued to mobile apps involved in Arity’s data collection program, including apps like GasBuddy and Life360. Paxton’s office has already filed similar lawsuits against other companies, including General Motors, for similar privacy violations, signaling a strong push for data privacy enforcement in Texas.
