Huq GPS location data sharing
Occurred: October 2021
UK-based docation data merchant Huq received GPS coordinates even when mobile users have explicitly opted-out of the collection of this data on individual Android apps, according to app analysis company AppCensus and Vice's Motherboard.
Huq, which claims to collect and process over one billion mobility events every day, appeared unaware of the vulnerability. But the findings raised questions about the nature and effectiveness of it's customer/partner compliance checks, which the company said it runs monthly.
Civil rights and privacy advocates suggested the problem reflects inadequate advertising and marketing industry data sharing practices and governance.
Operator: Huq Industries
Developer: Huq Industries, Kaibits Software, AppSourceHub