The Federal Trade Commission has finalized an order prohibiting data broker X-Mode and its successor Outlogic from sharing or selling any sensitive location data to settle allegations that the company sold precise location data that could be used to track people’s visits to sensitive locations such as medical and reproductive health clinics and places of worship.
In a complaint first announced in January 2024, the FTC charged that X-Mode/Outlogic failed until May 2023 to remove sensitive locations from the raw location data it sold and did not implement reasonable or appropriate safeguards against downstream use of the precise location data it sold, putting consumers’ sensitive personal information at risk.
In addition to the ban on selling or sharing sensitive location data, the order also imposes several other requirements on X-Mode/Outlogic including mandating that it create a program to ensure it develops and maintains a comprehensive list of sensitive locations, and ensure it is not sharing, selling or transferring location data about such locations.
It also must delete or destroy all the location data it previously collected and any products developed from this data unless it obtains consumer consent or ensures the data has been deidentified or rendered non-sensitive; develop a supplier assessment program to ensure that companies that provide location data to X-Mode/Outlogic are obtaining informed consent from consumers for the collection, use and sale of the data or stop using such information; implement procedures to ensure that recipients of its location data do not associate the data with locations that provide services to LGBTQ+ people, with locations of public gatherings of individuals at political or social demonstrations or protests, or use location data to determine the identity or location of a specific individual; and establish and implement a comprehensive privacy program that protects the privacy of consumers’ personal information and also create a data retention schedule.
After receiving three comments on the proposed settlement, the Commission voted 3-0-2 to give final approval of the settlement with X-Mode/Outlogic. Commissioners Melissa Holyoak and Andrew N. Ferguson did not participate.
Source: FTC