A mobile marketing company with several high-profile clients faces a class action complaint over collection of user data.
Jessica Vasil and Christine Farag, both of Illinois, filed their complaint Oct. 21 in federal court in Chicago, accusing San Francisco-based Kiip Inc. of extracting information from smartphone users without their consent, “tracking and intercepting millions of users’ electronic communications without their knowledge,” even while they weren’t using their devices. They seek at least $5 million in damages.
Kiip displays advertising on smartphones and tablet applications, connecting software developers and third-party advertisers such as Coca-Cola, Marriott and Home Depot, according to the complaint, which further states Kiip reaches more than 100 million consumers through more than 5,000 apps.
The complaint said the alleged practices began in 2014, and induced at least one developer, Fitnesskeeper, to end its contract with Kiip and issue a public apology for the personal information extracted from users of the Runkeeper app, which has nearly 50 million users worldwide.
“Although mobile app companies collect user information, in many cases user data is also gathered by third-party software or technology integrated into a mobile app,” the complaint states. “When a consumer downloads, installs and uses a mobile app on a smartphone, she usually does not know whether the app contains third-party technology that will collect or receive information about the user and her use of the app. Rarely, if ever, are consumers’ informed of the actual identity of such third-parties.”
The complaint said Kiip uses technology known as a third-party tracker to “monitor and record information about smartphone users, including how they use their smartphone and what their usage patterns are. They also collect more personal information, such as behavior patterns, interests and data about the user’s particular device.”
According to the complaint, Kiip began working with Fitnesskeeper on Aug. 14, 2014. The ads it delivered “contained offers and promotions for various products, and were designed to appear at the moment a user completed a challenge or beat their best run time, so as to make the user feel as though they were being rewarded.”
The suit said the Norwegian Consumer Council, on May 10, 2016, filed a complaint regarding Kiip with the Norwegian Data Protection Authority based on a mobile app privacy risk study from SINTEM, “an independent scientific and industrial research organization,” which singled out apps like Runkeeper because they tend to collect detailed location and user health data — including tracking a user’s GPS location even when the phone isn’t being used.
According to the complaint, Kiip failed to notify users it was collecting the data and intercepting private electronic communications, which also means it failed to seek consent for access to and use of the personal information. One week after the Norwegian report, Runkeeper founder and CEO Jason Jacobs issued a public apology and announced Kiip technology would be removed from his company’s apps.
The class, which could include anyone in the U.S. who used Runkeeper, and subclass, Runkeeper users in Illinois, could include millions of users. The formal allegations include a violation of the Federal Wiretap Act, unjust enrichment and, for the Illinois subclass, a violation of the Illinois Eavesdropping Statute.
In addition to class certification and a jury trial, the plaintiffs seek statutory, punitive and actual damages. The subclass would seek profit disgorgement or restitution.
Attorneys from McGuire Law, of Chicago, are representing Vasil and Farag, and potentially the class of additional plaintiffs.