The makers of a popular Android flashlight application have settled with the Federal Trade Commission over allegations that they covertly tracked the locations of the “Brightest Flashlight Free” users and sold that information to advertising firms.

The FTC’s charges stem primarily from the fact that the company failed to disclose these actions to the users of the app in their permissions, privacy policy, or end-user license agreement.

The settlement resolves a complaint filed by the FTC against the company that developed the application, Goldenshore Technologies LLC, and the man that manages that company, Erik M. Geidl.

The FTC claims in its complaint that while the app purported to act as a flashlight by activating a device’s camera flash function, it also transmitted – or permitted the transmission of – various device information to third parties, including advertising networks. That information transmitted allegedly included geolocation and persistent device identification information.

The collection of such information is commonplace. Problematically though, Goldenshore Technologies failed to inform consumers about these tracking and data collection practices in their applications permissions. Beyond that, the application’s privacy policy and EULA are outright deceitful according to the FTC, because it promises that Goldenshore Technologies may only use information that is not personally identifiable.

Furthermore, the Brightest Flashlight Free app begins collecting device-information while users are viewing but before they have accepted the terms and conditions laid out in the EULA. In other words, the applications even collects information about users that refuse to accept the its terms and conditions.

Because of all of this, the FTC claims that Goldenshore Technologies were engaged in unfair and deceptive acts and further in violation of the Federal Trade Commission Act.

“When consumers are given a real, informed choice, they can decide for themselves whether the benefit of a service is worth the information they must share to use it,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection in a statement. “But this flashlight app left them in the dark about how their information was going to be used.”

Pending full approval from the FTC, the settlement will prohibit Goldenshore Technologies from misrepresenting what user-information they collect and how they use that information. The company now must obtain clear consent from users before collecting such information. Goldenshore Technologies must also delete all personal information they have collected from app-users to this point. Goldenshore technologies may also be forced to pay $16,000 for each of the counts the FTC claims it violated.

Categories: Government, Privacy