Federal Trade Commission settles with mobile device retailer for misleading and deceptive conduct about its privacy policies and data security.
May 7, 2018 |
The Federal Trade Commissioner announced that it had settled with BLU Products arising from a complaint that it had deceived its customers regarding its privacy policies and data security practices.
Under the decision BLU and any business that it controls will need to establish and implement a security program for 20 years. It will be assessed by a third party every two years. It will need to make submissions to the FTC of any changes and keep regards for 20 years. These are tough conditions which is consistent with the FTC’s approach to deceptive conduct involving privacy and data security.
The press release relevantly provides:
People use their mobile devices for everything from making calls and sending emails and text messages to maintaining contact lists, taking photos, surfing the web, and finding the best travel routes. You count on your device to help with your daily routine, and you expect that your information will be private and secure.
Well, some mobile device companies deal with privacy and data security better than others. For example, today, the FTC announced a settlement with BLU Products, Inc., which sells mobile devices through online and brick-and-mortar retailers, such as Amazon and Best Buy. According to the FTC, BLU deceived consumers about their privacy policies and data security. It told consumers that it would only share data with service providers if they had a business need to get the information. But, it allowed a China-based service provider called ADUPS to collect the content of text messages, real-time location information, call and text message logs with full phone numbers, contact lists, and lists of applications installed and used from consumers’ devices, even though the Chinese company didn’t have a business need for this information.
BLU also told consumers it maintained appropriate security measures. However, according to the FTC, the transmission of consumers’ personal information from BLU devices to ADUPS happened because BLU failed to put in place appropriate security procedures to protect consumers’ devices. For example, BLU failed to oversee the security practices of its service providers.
If you’re shopping for a mobile device, or any product, do some research. Do an online search to see what others are saying about the company and the products they sell. Enter the name of the company with words like review, privacy, scam, or complaint. Look through several pages of search results.