Ancestors

Written by Wolfie Christl on 2025-01-10 at 10:33

So, there's evidence that a few thousand mobile apps shared location data with the data broker Gravy Analytics (Unacast), whose subsidiary Venntel sold to ICE, CBP, FBI, DEA and other US govt agencies, probably via intermediaries and RTB, including data on Europeans:

https://www.wired.com/story/gravy-location-data-app-leak-rtb/

=> More informations about this toot | More toots from wchr@mastodon.social

Written by Wolfie Christl on 2025-01-10 at 10:34

Here's the full list of apps [Google doc]:

https://docs.google.com/spreadsheets/d/1Ukgd0gIWd9gpV6bOx2pcSHsVO6yIUqbjnlM4ewjO6Cs/edit

=> More informations about this toot | More toots from wchr@mastodon.social

Toot

Written by Wolfie Christl on 2025-01-10 at 10:36

What stops GDPR regulators from systematically taking action against all these apps?

Ask app vendors about the legal basis for Gravy's data processing (whether location is based on IP or GPS), make them explain in detail how this could happen.

They can still try to explain how their advertising 'service' providers might have misled them. If they fully cooperate and offer regulators detailed info about how intermediaries and Gravy accessed and sold the data, they’ll receive a reduced fine.

=> More informations about this toot | More toots from wchr@mastodon.social

Descendants

Written by Wolfie Christl on 2025-01-10 at 21:43

Plus, there's another angle. Google and Apply are responsible for this to happen, together with Gravy Analytics, adtech intermediaries and app vendors. The evidence from this incident can be the starting point for DPAs to hold them accountable as joint controllers of illegal processing linked to advertising IDs at scale.

https://bsky.app/profile/thezedwards.bsky.social/post/3lfe3oo232e2s

...not to mention their role as beneficiaries from app store platform intermediation on multiple levels while don't giving a f*ck.

=> More informations about this toot | More toots from wchr@mastodon.social

Written by Wolfie Christl on 2025-01-10 at 21:46

• Apple not Apply ,)

=> More informations about this toot | More toots from wchr@mastodon.social

Written by Wolfie Christl on 2025-01-18 at 11:32

The @netzpolitik_feed article has more detail.

In total, it's about 40,000 different apps, people from 137 countries and 380 million location records that include advertising/device IDs.

Apps that apparently shared exact mobile location data include Wetter Online (most popular weather app in Germany, 100m downloads), Focus Online (large German news outlet), Kleinanzeigen and FlightRadar24.

@sebmeineck and @roofjoke even found people whose data was affected:

https://netzpolitik.org/2025/databroker-files-neuer-datensatz-enthuellt-40-000-apps-hinter-standort-tracking/

=> More informations about this toot | More toots from wchr@mastodon.social

Written by ftg on 2025-01-10 at 18:28

@wchr

That is a very good question indeed.

=> More informations about this toot | More toots from ftg@mastodon.radio