Repeatedly Hacked T-Mobile Ramps Up The Sale Of User App Download And Behavior Data

from the collect-ALL-the-things! dept

T-Mobile hasn’t been what you’d call competent when it comes to protecting its customers’ data. The company has been hacked numerous different times over the last few years, with hackers going so far as to ridicule the company’s lousy security practices.

A responsible company might slow down on data collection until it was certain it had figured out how to protect the data it collects. But this being the United States, where there’s no real accountability for companies with lax privacy and security standards (outside of four days or so of mean Tweets), T-Mobile has announced that it’s dramatically expanding its collection of user browsing and app download data.

The effort is part of T-Mobile’s new “App Insights” adtech product that was formally launched recently. App Insights will allow marketing companies to further track and target T-Mobile customers based on which apps they’ve downloaded and their “engagement patterns” with said apps — namely how often they use them, how long they remain open on the device, and other metrics.

As Gizmodo notes, there won’t be many restrictions, allowing microtargeting folks by sexual orientation:

T-Mobile also won’t stop marketers from taking things into their own hands. One ad agency exec that spoke with AdExchanger said that one of the “most exciting” things about this new ad product is the ability to microtarget members of the LGBTQ community. Sure, that’s not one of the prebuilt personas offered in the App Insights product, “but a marketer could target phones with Grindr installed, for example, or use those audiences for analytics,” the original interview notes.

The timing of this dramatic expansion in user app data monetization, at a time when abortion bans and potential vigilante action are forging a profound new seriousness in consumer app policy concerns, is a fairly telling representation of how worried a company like T-Mobile is about privacy-related oversight coming from a generally over-extended, under-funded, and under-staffed FTC (as in, not at all).

As with so many modern companies, T-Mobile over-collects data, then doesn’t take the necessary steps to protect said data. It then lobbies U.S. lawmakers to ensure we don’t shore up U.S. privacy protections (as it did when Congress gutted the FCC’s fairly modest broadband privacy rules), and the cycle repeats itself in perpetuity. Making money is, quite literally, the only policy consideration that matters.

Filed Under: , , , , , , , ,
Companies: t-mobile

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Repeatedly Hacked T-Mobile Ramps Up The Sale Of User App Download And Behavior Data”

Subscribe: RSS Leave a comment
Ben (profile) says:


I wonder if any territory has established a useful and largely successful (with some bugs to be ironed out) legislative framework that gives the individual rights around their data, and protects, for example, extremely personal information such as sexual orientation.

I know it’s not fashionable to cite the GDPR around here, but there are some successes therein. It is forcing companies to take the principals seriously, even if you don’t like the over-reach of the right-to-be-forgotten.

Ehud Gavron (profile) says:

Being responsible.. that's a good thing, right?

Karl, you write:

A responsible company might…

Sure. And TMO is responsible? Like AT&T? VZW?

They are all “we will betray you but don’t worry you can have a year of LifeLock later” responsible.

How to solve:
1. Daddy needs to come home sooner.
2. Spank the bad children.
3. Real penalties for having not done it right before, multiplied each and every time they do it wrong.
4. Removal of licensing to continue operating once they’ve done this.

Want to stand up for #4 here? It would take some effort, and some balls. It would, however, resolve this issue once and for all. I’ll put it again in simple words:

If you company, on a second time or more, has allowed customer private information to be released, your company MAY NOT offer any services to consumers until it has fixed its processes, documented those fixes, and have a regulator sign off that they are fixed.


Anonymous Coward says:

Re: A small change, if you please.....

and have a regulator sign off that they are fixed.

I’d suggest that everything be signed off not by a single person, probably a government goon that can be purchased for a nominal sum, but instead have a 5 or 7-person review board consisting of recognized security experts, and having no government-employed asshats. Think of something along the lines of UL (or CSA in Canada), and you’re pretty close to what I’m thinking of here.

Ehud Gavron (profile) says:

Re: Re: Re: Quality is job 1

Lost to Techdirt’s current coding issues, perhaps. Maybe it’ll come back soon.

TD has spent pretty much two years on this, except with people (fans? customers?) reading around the entire world.

I do wish them well with this process. They do ALL work hard, and these “bugs” we readers see, they see also.

There are many of us who are fans here. Paul, That, etc. I read your posts and you read mine. We may not agree, but I think we still wish these people the best.

Best wishes to eventually having a “perfect’ site.


That Anonymous Coward (profile) says:

Re: Re:

looks at the leader of the GQP who has a long history of adultery, cheating, banging hookers and they ignore it

Yeah no, finding out the golden boy is gay is the only thing the GQP can get upset about these days.
Given how many male escorts are booked during CPAC, I think it would just shock them… sort of like how they are busily trying to destroy Drag Queen Story Time while actively ignoring their own churches are covering up and enabling sexual predators.

Anonymous Coward says:


This is exactly why I sideload apps and deny them all unnecessary permissions. I find it’s better to quarantine an app with airplane mode until I’ve turned that permision off by not having my data turned on whilst installing it, making it much easier to also turn off the Activity Permission requested by SoundHound, for example, since that also needs Internet access.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...