If you’ve ever felt like your cellphone was listening to you or tracking you after you’ve mentioned or looked up a specific product, you’re not alone. A new lawsuit filed last week in California by San Mateo resident Felix Kolotinsky in a San Francisco district court accuses retail giant Amazon of tracking consumer cell phone data so that users receive targeted ads.
While the lawsuit does not specifically accuse the tech giant of listening to customer conversations, it does accuse the company of tracking users and their behaviors through third-party apps.
The lawsuit accuses Amazon of using Amazon Ads SDK, a code that is provided to app developers who can then embed this code into their applications.
Through this code, Amazon was able to gain “backdoor access” to people’s phones through these applications.
By using this code, Amazon was allegedly able to collect timestamped geolocation data that informed the tech giant about where consumers lived, worked, visited, and even shopped. It allowed Amazon to get a more detailed profile of its consumers.
The proposed class action lawsuit alleges that with this unconsented access, Amazon had access to sensitive personal data including an individual’s religious affiliation, sexual orientation, and health issues. Using this data, Amazon was able to custom-tailor ads that users saw.
The backdoor code is said to have been embedded in popular apps including NewsBreak and Speedtest by Ookla without consumers’ consent. The lawsuit also alleges that Amazon collected consumer geolocation data and sold it to third parties.
Kolotinsky says he downloaded and used the Speedtest by Ookla app. When he did that, he says Amazon gained access to his sensitive data without his consent, violating his consumer privacy laws.
The lawsuit reads, “[Amazon’s] business model is to collect information from consumers and sell access to its ill-gotten data to brands and advertisers.” The complaint alleges that “Amazon has effectively fingerprinted consumers and has correlated a vast amount of personal information about them entirely without consumers’ knowledge and consent.”
Among the violations Amazon allegedly engaged in include a section of the California penal code and California’s Comprehensive Computer Data Access and Fraud Act. The complaint is seeking $5,000 per violation from the company on the violation of the state's penal code and additional damages on the second claim. The lawsuit is seeking over $5 billion in damages.
Similar claims have been filed against other tech companies in recent years because of deceptive targeting and collection of data. Most recently, the Federal Trade Commission took legal action against Mobilewalla, Gravy and its subsidiary Venntel, InMarket and X-Mode and its successor Outlogic because of their engagement in collecting and selling sensitive consumer data.