Show Notes
Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/
Follow on Twitter: twitter.com/IDTheftCenter
Show Transcript
Man Bites Dog
Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for September 30, 2022. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss a case of dueling lawsuits over the sale of personal information.
The textbook definition of “what is news” has always been this: A dog bites a man is not news; a man bites a dog, that’s news! What that means for this episode is there is no news when the Federal Trade Commission (FTC) takes action against a company selling personal information. However, it’s big news when one of those companies sues the FTC.
FTC Sends Proposed Complaint & Settlement Offer to Kochava
That’s exactly what’s happening between an ad tech company, Kochava, and the government agency tasked with regulating data sales. The FTC recently sent a proposed complaint and settlement offer to Kochava alleging that the company's data collection practices made it possible for third parties (including cybercriminals) to track mobile phone users.
The FTC complaint suggested that mobile phone users weren't told they were sharing this data with Kochava. According to the government, that was a violation of the Federal Trade Commission Act as an unfair or deceptive business practice.
Kochava Sues the FTC Over Alleged Overreach
It’s not uncommon for the FTC to give companies a copy of what they will file as an enforcement action along with a proposed settlement before they file the complaint. That happens all the time. What happens less often is the target of the enforcement action racing to the courthouse to beat the FTC to the clerk’s office.
Rather than accept the FTC’s offer, Kochava has decided to sue the FTC and asked a federal court to intervene and stop the FTC from an alleged government overreach. The FTC, for its part, alleges that the company is selling location data that can be used to identify individuals who visit sensitive locations. The agency lists “therapists’ offices, addiction recovery centers, medical facilities and women’s reproductive health clinics” as examples of sensitive locations.
Kochava’s primary business is designing marketing tools. However, they often purchase and sell mobile device data. The company’s complaint claims the FTC simply doesn’t understand Kochava’s technology and that it uses technical controls to prohibit customers from identifying consumers or tracking third-party users at sensitive locations. The company also claims the FTC lacks specific authority to take the action it plans against Kochava.
That’s why we have lawsuits – to settle issues like this. The FTC has until mid-October to respond to the lawsuit.
Contact the ITRC
If you want to learn how to protect your personal information or you think you have been the victim of an identity crime, visit our website www.idtheftcenter.org. You can also speak with an expert advisor on the phone (888.400.5530), chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST).
Be sure to listen to the most recent episode of our sister podcast, the Fraudian Slip, where our CEO, Eva Velasquez, discusses the findings in our 2022 Consumer Impact Report, which looks at how people are affected by identity crimes. In October, we will publish our report on how small businesses and solopreneurs are impacted by identity crimes and cyberattacks.
We will return next week with another episode of the Weekly Breach Breakdown.
Listen On
Also In Season 3
-
The Fraudian Slip Podcast ITRC - P2P Fraud
Welcome to the Fraudian Slip…the Identity Theft Resource Center’s podcast where -
The Fraudian Slip Podcast ITRC - 2023 Predictions
Welcome to the Fraudian Slip…the Identity Theft Resource Center’s podcast where -
The Weekly Breach Breakdown Podcast by ITRC - Disarmed Services - S3E32
Welcome to the Identity Theft Resource Center’s Weekly Breach Breakdown for Nove -
The Weekly Breach Breakdown Podcast by ITRC - Scraping By - S3E31
Welcome to the Identity Theft Resource Center’s Weekly Breach Breakdown for Nove