Huq admits GPS location data sharing privacy breach

Occurred: October 2021

Huq, a British firm that sells people’s location data, admitted to a privacy breach where some of its data was obtained without user permission. 

The company received GPS coordinates even when mobile users had explicitly opted-out of the collection of this data on individual Android apps, according to app analysis company AppCensus and Vice's Motherboard.

The apps in question measured Wi-Fi strength, scanned barcodes, amongst other things, but appeared to have shared user data for purposes other than those stated.

The company appeared unaware of the vulnerability, but the findings raised questions about the nature and effectiveness of it's customer/partner compliance checks, which the company said it ran monthly.

Civil rights and privacy advocates suggested the problem reflected poor data sharing practices and governance by the advertising and marketing industry.

System 🤖

Operator: Huq Industries
Developer: Huq Industries, Kaibits Software, AppSourceHub

Country: UK

Sector: Technology

Purpose: Track user location

Technology: Location tracking algorithms

Issue: Privacy

Investigations, assessments, audits 👁️

Page info
Type: Incident
Published: October 2021