The Canadian authorities revealed that restaurant chain Tim Horton's has been collecting location data through its mobile app without the consent of the user.
Tim Horton's App Hacked
According to CBC News, Tim Horton's food app was caught sharing the location data of its users without their knowledge between May 2019 and August 2020.
The donut chain was supposed to be using positional information from Radar Labs in order to create targeted ads, but the food app was collecting locations every couple of minutes, whether or not the app was open.
The Canadian authorities also discovered that there were not enough contractual protections for the data that Radar Labs processed.
The clauses were very vague that Radar Labs could have used private content for its own purposes. While Radar Labs would have to anonymize the data it had collected, Canadian officials said that the contract still was not strong enough to protect the data of the users.
Also Read : Egypt crackdown on LGBT community wake-up call for Grindr and other social networking sites
The investigation on the app came after The Financial Post journalist James McLeod wrote a story revealing the extent of Tim Hortons' location-gathering habit.
The food app checked McLeod's location over 2,700 times in just five months, including when he went to Morocco. His article prompted several class action lawsuits.
The privacy offices noted that Tim Hortons' real-world data use was limited, and that TDL Group agreed to delete any relevant data together with its partners.
The company also agreed to create a privacy management program that kept its food apps from violating any privacy laws. In a statement, Tim Hortons said that it had strengthened its privacy team.
But the findings highlight the concerns about any potential app data abuse. While Tim Hortons is not known to have misused information, other companies have put data on sale and lost control.
Those types of compromises can lead to unwanted advertising on the user's end, and in extreme cases, it probes into the user's personal life.
Michael McEvoy, the privacy commissioner of British Columbia, saw the latest investigation as proof stronger oversight was needed and it would not be surprising if Canada and other countries took action.
Grindr Location Data For Sale
The Wall Street Journal reported that dating app Grindr used location data it collected from MoPub, an online ad network once owned by Twitter and put on sale through UberMedia in 2017.
The dating app curbed the practice when it limited location data collection in 2020, but there is a possibility that legacy information might still be available.
An anonymous former employee claimed that Grindr initially did not believe sharing location data with marketers posed privacy issues.
Ad executives told the company that real-time bidding, or displaying ads based on a user's immediate location, was changing the industry.
Grindr released a statement about the issue and said that its 2020 policy change meant it shared less data with advertisers than any of the massive tech platforms, and most dating app rivals, although it did not address any historical information.
Twitter said UberMedia was held to MoPub's data use restrictions at the time. While UberMedia's current owner, Near, revealed thousands of entities have access to data shared in the real-time bidding system.
The practice challenged concerns that location data without direct personal information could help trace people.
Related Article : Grindr to Go Public with $2.1 Billion Valuation and Merge With Tiga
This article is owned by Tech Times
Written by Sophie Webster