Privacy Watchdog Brings Suite of Utility Apps into Compliance with Digital Ad Privacy Best Practices

For Immediate Release
Contact: Abby Hills, Director of Communications, BBB National Programs

703.247.9330 / press@bbbnp.org

Arlington, VA – October 8, 2020 – BBB National Programs’ privacy watchdog, the Digital Advertising Accountability Program (DAAP), today released the result of a new data privacy case for Belarus-based app publisher BPMobile.

DAAP monitors the mobile app marketplace for popular apps to test for compliance with the Digital Advertising Alliance’s (DAA) Self-Regulatory Principles, best practices for web and mobile app privacy. The privacy watchdog identified BPMobile during a survey of popular utility apps, beginning its examination with a network traffic test of BPMobile’s iScanner app, a popular scanning and pdf conversion app that has 10 million downloads in the Google Play Store.

DAAP found that the app was authorizing third-party adtech companies to collect device IDs and geolocation data, leading DAAP to then test BPMobile’s full suite of mobile apps. After a full forensic analysis, the BBB National Programs privacy unit found that the publisher appeared out of compliance with the DAA Principles.

DAAP swiftly reached out to BPMobile and opened a formal review with the company.

"When DAAP sees location data collection for IBA without the right level of transparency and control, it's our mission to get to the bottom of things and help companies reach compliance with the Principles,” said Jon Brescia, Vice President, DAAP. “We appreciate the actions BPMobile took on the points we raised in our inquiry letter."

After discussions with DAAP, BPMobile took decisive action to come into compliance with the DAA Principles. The company:

  • Disabled the third-party collection of location data across all its apps 
  • Updated its privacy policies across all apps to include an enhanced notice jump link that takes users to information about interest-based advertising
  • Updated its privacy policies to provide opt-out tools
  • Added a statement of adherence to the DAA Principles to its privacy policies


Today’s case release brings to 123 the public actions taken by DAAP since the program began its self-regulatory mission in 2011 and its 10th privacy action in 2020.

###

About BBB National Programs: BBB National Programs is where businesses turn to enhance consumer trust and consumers are heard. The non-profit organization creates a fairer playing field for businesses and a better experience for consumers through the development and delivery of effective third-party accountability and dispute resolution programs. Embracing its role as an independent organization since the restructuring of the Council of Better Business Bureaus in June 2019, BBB National Programs today oversees more than a dozen leading national industry self-regulation programs, and continues to evolve its work and grow its impact by providing business guidance and fostering best practices in arenas such as advertising, child-directed marketing, and privacy. To learn more, visit bbbprograms.org.

About the Digital Advertising Accountability Program: The Digital Advertising Accountability Program (DAAP), a division of BBB National Programs, was developed by the Digital Advertising Alliance (DAA) to enforce industry self-regulation principles for data privacy in online and mobile advertising, holding companies accountable to the DAA’s Privacy Principles. DAAP provides guidance to companies looking to comply with industry principles and responds to complaints filed by consumers about online privacy. 

Latest News

Closure

DSSRC Administrative Closure #98

The Direct Selling Self-Regulatory Council (DSSRC) contacted a direct selling company (“Company”) regarding two Instagram posts and one Facebook post disseminated by the Company’s salesforce members. The subject claims and social media posts came to DSSRC’s attention pursuant to its independent monitoring of advertising in the direct selling marketplace. 
Read more
Closure

DSSRC Administrative Closure #97

The Direct Selling Self-Regulatory Council (“DSSRC”) inquired about an Instagram post disseminated by a direct selling company’s (“Company”) salesforce member. The post in question inferred that the Company’s product could protect users from the coronavirus. DSSRC noted that at the time the post was disseminated, the Centers for Disease Control and Prevention, the World...
Read more
Closure

DSSRC Administrative Closure #96

The Direct Selling Self-Regulatory Council (“DSSRC”) contacted a direct selling company (“Company”) regarding three Facebook posts disseminated by salesforce members that included claims that the Company’s products can assist in treating a number of serious health-related conditions including, but not limited to, Alzheimer’s, Parkinson’s disease and Multiple...

Read more
Closure

DSSRC Administrative Closure #95

The Direct Selling Self-Regulatory Council (DSSRC) contacted a direct selling company (“Company”) regarding two Facebook posts that referenced the ability of one of the  Company’s products to treat a number of health-related conditions including, but not limited to, heart disease, Alzheimer’s, diabetes and depression. Both of the posts were disseminated by the Company’s...
Read more