Latest in Gear

Image credit: Bloomberg via Getty Images

Blu settles with FTC over allegations of lax user data security

A subcontractor farmed customer data and Blu misled how much it was protecting them.
127 Shares
Share
Tweet
Share
Save
Bloomberg via Getty Images

Unlocked mobile phone retailer Blu has settled with the FTC over allegations that it didn't protect consumers from a Chinese company that farmed their data and misled users about the extent of it. The device maker won't get slapped with a fine, but as part of the agreement, it can't misrepresent how it protecting customer privacy and security. It will also need to adopt a program that addresses risks for protecting user information and be audited every two years for the next two decades to ensure compliance.

Blue had contracted ADUPS for third-party apps that would come preinstalled on phones. Back in 2016, the device maker admitted that the software ended up collecting far more consumer data than it was supposed to, including text messages, real-time location data, call and text message logs, contact lists and application rosters.

While Blu assured customers that a software update would protect them from such collection, the FTC claimed that the company continued to allow it on older devices. This was so obvious that Amazon removed Blu products from its platform last fall.

From around the web

ear iconeye icontext filevr