Suzanne Smalley reports:
Texas’ attorney general is suing the insurance giant Allstate and its subsidiary Arity for allegedly illegally collecting, using and selling cell phone location and movement data belonging to more than 45 million Americans without their knowledge.
Allstate harvested trillions of miles of that data from Americans’ cellphones through “secretly embedded” software Arity paid millions of dollars to place in mobile apps that tracked consumers’ driving data, state Attorney General Ken Paxton announced Monday.
By failing to give consumers notice or get their consent for gathering and selling the sensitive data, Allstate violated Texas’ new Data Privacy and Security Act, a press release from Paxton said.
Read more at The Record.
Attorney General Paxton’s press release:
Texas Attorney General Ken Paxton sued Allstate and its subsidiary, Arity (“Allstate”), for unlawfully collecting, using, and selling data about the location and movement of Texans’ cell phones through secretly embedded software in mobile apps, such as Life360. Allstate and other insurers then used the covertly obtained data to justify raising Texans’ insurance rates.
Allstate, through its subsidiary data analytics company Arity, would pay app developers to incorporate its software to track consumers’ driving data. Allstate collected trillions of miles worth of location data from over 45 million consumers nationwide and used the data to create the “world’s largest driving behavior database.” When a consumer requested a quote or renewed their coverage, Allstate and other insurers would use that consumer’s data to justify increasing their car insurance premium.
These actions violated the Texas Data Privacy and Security Act (“TDPSA”), which created heightened protections for Texans’ sensitive data, including but not limited to precise geolocation information. The law requires clear notice and informed consent regarding how a company will use Texans’ sensitive data. Allstate never provided notice or obtained Texans’ consent to collect or sell their sensitive data. This is the first enforcement action ever filed by a State Attorney General to enforce a comprehensive data privacy law.
“Our investigation revealed that Allstate and Arity paid mobile apps millions of dollars to install Allstate’s tracking software,” said Attorney General Paxton. “The personal data of millions of Americans was sold to insurance companies without their knowledge or consent in violation of the law. Texans deserve better and we will hold all these companies accountable.”
This lawsuit follows Attorney General Paxton’s lawsuit against General Motors and his ongoing investigations into several car manufacturers for secretly collecting and selling drivers’ highly detailed driving data.
To read the filing, click here.