Dec 11, 2013 · 2 minutes

The Federal Trade Commission last week settled with Goldenshore Technologies, the company behind a popular flashlight app that secretly collected and shared user information with advertisers.

I previously wrote that the settlement serves as a reminder that government agencies aren't the only ones secretly monitoring many Internet users. Still, I noted that "there is an obvious difference between the mass surveillance perpetuated by the NSA and other government agencies and a consumer app selling its users’ data to advertisers." Now it seems that this might not always be true.

The Washington Post yesterday reported that the National Security Agency and its British counterpart, GCHQ, are using advertisers' data to "pinpoint targets for hacking." The same tools used to personalize ads or provide location-based offers are also apparently allowing these agencies to identify, track, and target specific Internet users.

Some might argue that those who allow advertisers to track their Internet activities shouldn't be surprised when that information is used for another purpose. But as the FTC's settlement with Goldenshore Technologies shows, this information can be collected without users' consent -- or even against their will. And there's little anyone can do about it.

Then there's Google's recent settlement with the FTC, through which it paid $17 million to "settle allegations by 37 states and the District of Colombia that it secretly tracked Web users by placing special digital files on the Web browsers of their smartphones," as Reuters reported. One of the world's largest technology companies (allegedly) over-rode a Web browser's security measures so that its advertising business, which accounts for the majority of its revenues, could better target iPhone and iPad users.

It seems then that these companies are willing to ignore their users' wishes (Goldenshore Technologies) or bypass a browser's security measures (Google) to better monetize users by gathering and sharing their online activity and physical location with third parties. That information is then used by these government agencies for their own purposes, effectively creating a system through which Internet users' privacy is being violated in more ways than one.

As I concluded last week:

No wonder President Obama isn’t allowed to own an iPhone. This app affected tens of millions of consumers before the FTC forced it to delete their personal information and better respect their wishes in the future. It’s much easier to use a BlackBerry and play “BrickBreaker” until the end of time than it is to figure out what apps are safe to use on other platforms.
That admonition isn't restricted to apps. This latest report shows that in addition to gathering data from telecoms providers and the connections between data servers, these agencies are using the technologies on which much of the consumer Web has been built to launch attacks against its targets.

[Illustration by Hallie Bateman for PandoDaily]