Apple, Pandora Hit with Second App Privacy Lawsuit

| News

Legal scalesApple and Pandora have been hit with a second lawsuit alleging the companies violated user privacy by allowing iPhone identifier codes and other personal information to be collected without user consent. The two companies were named in a lawsuit in December 2010 over the same claims.

The new case was filed in U.S District Court in New York. The earlier case was filed in California.

According to the filing, Pandora and Backflip Studios, maker of the Paper Toss game, collected the unique UDID numbers from user’s iPhones to track people and push targeted ads to them without consent. The lawsuit also alleged that Apple was aware of the issue, but failed to take any corrective action.

The case also claimed Pandora and Backflip Studios collected user phone numbers, age, gender and location data to share with third-party advertisers.

Apple does have developer policies in place to prevent apps from collecting personally identifiable information without user consent, although it didn’t enforce those rules for these apps, according to the filing.

The plaintiffs are hoping to convince the Court to grant the filing class action status, are seeking injunctive relief, and an order blocking the companies from continuing to collect user data without consent.

Apple has not commented on the lawsuit.

[Thanks to AppleInsider for the heads up.]

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

Robbo

does this mean Apple could be looking at a deluge of ‘me too’ lawsuits? A lawsuit for every app that has collected data, maybe?

Robbo

double post, oops

archimedes

It’s about time. Right now there is little to prevent apps from grabbing everything they possibly can, uploading it to their servers, and selling it to advertisers. Worst of all, Apple provides an API to access UDIDs making it easy to track devices (and people) across applications, but provides no privacy settings for device-specific information.

Apple should make UDIDs resettable, randomized, and per-application, should disallow access to any personal (e.g. Address Book, Photos, location) or device-specific information (e.g. MAC address, serial number, etc.) without the user’s express consent, should forbid uploading device-specific information or sharing device or personal information without consent, and should heavily punish any app developer (hello, Pandora!) found violating the App Store’s privacy policy.

Log-in to comment