As the FTC investigates data brokers, more companies are looking to see if their data is being used without consent. App Annie has been sued for using its users’ personal information without permission.
The slashdot is a news website that publishes articles about technology, science, and the internet. In recent months, app developers have been scrutinized for their use of data brokers to collect information on users.
According to legal experts and former SEC officials, the Securities and Exchange Commission’s $10 million settlement with an analytics company this week indicates that regulators are toughening up on the data-broker sector, which investors are increasingly relying on to make trades.
The Securities and Exchange Commission said on Tuesday that App Annie Inc., a company that analyzes data about customers’ mobile app usage, has resolved securities fraud charges for deceiving developers about its privacy settings. The settlement, according to the agency, is the first of its kind against an alternative data provider, a company that provides third-party data to investors looking to forecast a company’s performance, such as geolocation records or credit card transactions.
Securities legislation in the United States allows authorities to regulate such regions if they are linked to trading. The SEC fined App Annie, a privately owned business, for fraudulently selling its data to financial companies, who then utilized the data to purchase and sell stocks.
Kelly Koscuiszka, a lawyer at New York legal firm Schulte Roth & Zabel, stated, “That is a pretty wide notion of liability.” “We see this as not just setting a precedent for what measures the SEC could take against data providers, but it also provides us some insight into how the SEC views the dangers connected with these data products.”
The Securities and Exchange Commission did not reply to a request for comment.
Ms. Koscuiszka, whose clients included App Annie customers between 2014 and 2018, the time period under investigation by the SEC, said the settlement also serves as a warning that the SEC may examine how investors select vendors that offer this kind of data.
In recent years, agency authorities investigating financial companies have inquired more about their cooperation with alternative data sources, she added.
Subscribe to our newsletter
Cybersecurity WSJ Pro
WSJ’s worldwide team of reporters and editors provide cybersecurity news, analysis, and insights.
Ms. Koscuiszka said, “I believe it puts a lot more focus on that diligence process.”
In recent years, the alternative data business has exploded as hedge funds and asset managers have poured money into studying third-party data in the hopes of gaining a competitive advantage. According to industry research company Grand View Research, global expenditure on alternative data reached $1.7 billion last year, up from $433 million in 2018.
headquartered in San Francisco App Annie gathers information from applications such as downloads, sales, and use statistics. According to the SEC, developers provided such information with App Annie on the condition that the data be anonymized and aggregated before being released to consumers between 2014 and 2018.
The analytics company, however, violated that commitment by utilizing private data in a product called Intelligence, which was offered to over 100 trading companies during the time, according to the SEC.
As part of the deal, App Annie and its former CEO, Bertrand Schmitt, did not acknowledge or deny any wrongdoing. Mr. Schmitt was fined $300,000 by the Securities and Exchange Commission, and he was banned from acting as an officer or director of a public corporation for three years.
Gary Gensler, Chairman of the Securities and Exchange Commission, appears before a Senate committee.
Evelyn Hockstein/Press Pool photo
On Tuesday, Mr. Schmitt wrote on LinkedIn that he thought App Annie’s data methods were legal and that the SEC had taken a broad interpretation of the law.
Mr. Schmitt wrote in a blog post that “we had obtained legal advice on compliance procedures and even hired an in-house compliance team,” but that “as a private company, we did not understand that our level of controls around the use of confidential data in our estimates for Intelligence Reports could form the basis of an SEC action.” In response to a request for comment, he did not reply.
Since the alleged abuses ended in 2018, App Annie claimed it had strengthened its data and compliance procedures and hired a new management team. App Annie’s CEO, Theodore Krantz, also advocated for greater regulation of his industry’s data practices.
The SEC’s latest cybersecurity or privacy-related action this year is the settlement. The agency reached a settlement with seven financial firms and an educational publisher in August over how they reported cyber events. Separately, the government issued information requests to businesses impacted by a cyberattack on SolarWinds Corp. this summer. Gary Gensler, the chairman of the Securities and Exchange Commission, has also said that the agency is exploring additional cybersecurity regulations.
According to Andrew Lawrence, a partner at law firm Skadden, Arps, Slate, Meagher & Flom LLP, the SEC has had a section devoted to cyber-enabled fraud and related problems for years.
Mr. Lawrence, who formerly worked in the SEC enforcement division, believes that the wide breadth of securities laws, combined with the regulator’s ability to intervene when investors are harmed, gives it the potential to be a strong force in changing corporate practices.
“All indications are that the enforcement division is attempting to move things through more rapidly than in the past,” he added.
Dow Jones & Company, Inc. All Rights Reserved. Copyright 2022 Dow Jones & Company, Inc. 87990cbe856818d5eddac44c7b1cdeb8