Company dedicated to the sale of information acknowledges having collected data without the consent of the users

A recent report notes that a British company engaged in the sale of location details acknowledged that part of the records sold was obtained without the prior consent of the users. Hug, the company in question, uses app location data on people’s phones and sells it to all sorts of customers, including British municipalities.

A representative of the company mentioned that, in two different cases, the partners of these applications did not request the consent of the users, although he assures that the problem has already been solved.

“Although data is used anonymously, consent is critical to data collection and should be taken seriously. We strive to ensure that all of our app partners explicitly request consent,” the company’s statement said.

Kaibits Software, which developed one of the applications noted, acknowledged some permission issues, although it said they had already been addressed. On the other hand, Huq continues to contemplate the possibility that other applications have not requested adequate consent, so this is still an active problem.

Some of the apps that used this data were apps for code scanning and other tools for WiFi performance analysis, so hundreds of users could have been affected. Huq advertises a wide range of services on its website, making detailed descriptions of how its real-time metrics can be used “to find out where people are going and why,” something that has undoubtedly generated controversy during this investigation.

Companies that collect this kind of information now face increased scrutiny from authorities. In Denmark, the local government is trying to determine whether there is a legal basis for Huq’s activities, while the British authorities are about to issue their own resolutions, which include sanctions for the companies involved in this case.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.