The Federal Trade Commission (FTC) has ramped up its oversight of data brokers with a series of enforcement actions aimed at cracking down on companies that unlawfully gather and sell sensitive consumer data. This increased regulatory scrutiny highlights a growing concern over privacy and the potential misuse of location-based data. As the digital landscape evolves, so too does the risk of unauthorized surveillance, especially when sensitive personal information is involved. This blog explores the FTC’s latest moves, focusing on its actions against data brokers Gravy Analytics, Venntel, and Mobilewalla, and the broader implications for data privacy in the United States. 

Overview of Recent Enforcement Actions 

In December 2024, the FTC took decisive action against three major data brokers—Gravy Analytics, Venntel, and Mobilewalla—accusing them of tracking and selling location data that could reveal highly sensitive information about individuals. These companies allegedly obtained and sold non-anonymized data, violating privacy regulations. The FTC’s actions are part of a broader effort to ensure that consumer privacy is respected and that sensitive data is handled securely. 

The enforcement actions focused on data brokers’ role in selling location data that could expose individuals’ visits to medical facilities, religious institutions, and other sensitive places. By using sophisticated geofencing technology, these companies could track individuals’ movements and create highly detailed profiles, which were then sold to third parties. These activities have raised alarms about privacy and the misuse of personal information. 

Key Allegations Against Gravy Analytics, Venntel, and Mobilewalla 

1. Gravy Analytics and Venntel

• • Sensitive Location Data: Gravy Analytics and its subsidiary Venntel allegedly collected and sold location data derived from over a billion mobile devices daily. This data included information about consumers’ movements, such as visits to health care facilities and places of worship. 
  • Geofencing Practices: Gravy Analytics reportedly employed geofencing technology to target individuals based on their proximity to sensitive locations. This data could then be used to identify people with specific health conditions or political affiliations. 
  • Lack of Anonymization: The FTC emphasized that the data sold by these companies was not anonymized, thus making it possible to identify individuals. 

2. Mobilewalla

• • Sensitive Data and Targeted Advertising: Mobilewalla was accused of selling location data that could reveal the location of individuals’ homes, alongside using this data to create targeted advertising segments. 
  • Surveillance of Protesters: A particularly concerning report by Mobilewalla analyzed the racial backgrounds and geographic locations of protesters involved in the George Floyd demonstrations in 2020, raising ethical concerns about the company’s surveillance activities. 

Key Measures Imposed by the FTC 

As part of the settlement agreements, the FTC imposed several key measures to protect consumers and prevent future violations: 

• Ban on Selling Sensitive Data: The companies involved are now prohibited from selling or sharing sensitive location data unless it is for national security or law enforcement purposes. 
• Protection of Sensitive Locations: The data brokers are required to implement a program to safeguard sensitive locations such as: 

• • Hospitals and medical centers 

• • Religious institutions 

• • Prisons and jails 

• • Schools and childcare centers 

• • Shelters for vulnerable populations (e.g., homeless, abuse victims) 

• Public Comment Period: The settlements are open for public comment for 30 days before they are finalized, allowing for transparency and public input on the agreements. 

Broader Implications for Data Privacy 

These enforcement actions are part of a broader effort by the FTC to regulate the data broker industry and protect consumer privacy. The agency has been active in addressing privacy concerns related to location data and its potential to infringe on individual freedoms. 

The use of sensitive data by data brokers has raised serious questions about privacy rights, particularly when data is used for targeted advertising or surveillance. The actions against Gravy Analytics, Venntel, and Mobilewalla underscore the importance of robust data privacy regulations that can prevent misuse while still allowing for legitimate business use of consumer data. 

Key Takeaways: 

• Privacy Protection is Critical: The recent enforcement actions highlight the importance of safeguarding consumer privacy, especially regarding sensitive location data. 
• Transparency in Data Usage: Consumers deserve transparency regarding how their data is collected and used. Data brokers must adopt policies that prioritize privacy and ethical data handling. 
• Regulation of Data Brokers: As data brokers continue to expand their reach, regulatory bodies like the FTC must remain vigilant to ensure that their practices comply with privacy standards. 

The Growing Role of Federal Agencies 

These actions are not occurring in a vacuum. The FTC’s focus on data brokers is part of a wider federal initiative to address concerns about privacy and data security. For instance, the Consumer Financial Protection Bureau (CFPB) has also proposed new rules aimed at preventing the sale of sensitive personal information, including Social Security numbers, by data brokers. This signals an ongoing effort to tighten regulations on the collection and sale of consumer data across industries. 

The FTC’s actions against these data brokers also come at a time when other federal agencies, such as the Department of Justice and the Department of Defense, are scrutinizing the use of data for surveillance purposes. The rise of privacy regulations, like the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR), has set a global precedent for how personal data should be handled, pushing other regions to consider similar measures.  

A Step Toward Stronger Data Privacy Protections 

The FTC’s recent enforcement actions against Gravy Analytics, Venntel, and Mobilewalla serve as a significant step toward greater accountability in the data broker industry. As data privacy concerns continue to grow, these actions underscore the need for comprehensive regulations that balance business interests with the protection of consumer rights. With heightened scrutiny and regulatory efforts, it is clear that data brokers will need to adopt more transparent and secure practices to avoid future violations. 

For consumers, these actions represent a crucial victory in the ongoing battle for privacy rights. As the landscape of data collection and usage continues to evolve, it is vital that both businesses and regulatory agencies work together to ensure that personal data is treated with the utmost care and respect.