iTunes Users Sue Apple Over Privacy

Three iTunes users have sued Apple for allegedly disclosing information about the music they purchased on iTunes.

In a class-action complaint filed Friday, Rhode Island resident Leigh Wheaton and Michigan residents Jill Paul, and Trevor Paul accuse Apple of violating state privacy laws that prohibit companies from disclosing information about the music that people purchase.

“The data Apple discloses includes the full names and home addresses of its customers, together with the genres and, in some cases, the specific titles of the digitally-recorded music that its customers have purchased via the iTunes Store,” Wheaton and the others allege in a class-action complaint filed in U.S. District Court for the Northern District of California.

They add that data brokers then append that data to other information about iTunes customers, and re-sell highly detailed lists of consumers.

advertisement

advertisement

“For example, any person or entity could rent a list with the names and addresses of all unmarried, college-educated women over the age of 70 with a household income of over $80,000 who purchased country music from Apple via its iTunes Store mobile application,” the complaint alleges. “Such a list is available for sale for approximately $136 per thousand customers listed.”

Apple's privacy policy says the company does not sell or transmit personally identifiable information. The company did not respond to MediaPost's request for comment on the lawsuit.

Apple says in its privacy policy that the company enables ad targeting by assigning people to audience segments; those segments include at least 5,000 people, in an attempt to protect users' privacy.

The company also says it allows advertisers to send targeted ads to people based on identifiers like their phone numbers and email addresses. But those identifiers are “obscured” during the ad-matching process, in order to limit disclosure of personally identifiable information, according to Apple.

The complaint alleges that Apple violated the Michigan Preservation of Personal Privacy Act, and the Rhode Island Video, Audio and Publication Rentals Privacy Act.

The Rhode Island law makes it illegal to disclose “any records which would identify the names and addresses of individuals, with the titles or nature of video films, records, cassettes, or the like, which they purchased, leased, rented, or borrowed, from libraries, book stores, video stores, or record and cassette shops or any retailer or distributor of those products.”

The Michigan law contains a similar prohibition, but was amended in 2016 to specifically information that “has been aggregated or has been processed in a manner designed to prevent its association with an identifiable customer.” Some of the activity alleged in the complaint occurred before July 31, 2016 -- the date that amendment took effect.

Rhode Island's Wheaton alleges in the complaint that she “now receives junk mail” that wastes her “time, money, and resources” as a result of as a result of the alleged disclosures by Apple.

News of the lawsuit comes as Silicon Valley is under increasing scrutiny over privacy practices.

Apple CEO Tim Cook is among the voices calling for new laws. Earlier this year, he argued in a Timeop-ed that companies should minimize the personal data they collect, and allow customers to access data about themselves. He added that consumers should be able to learn how their data is “bundled and sold” and that they should be able to “delete their data on demand, freely, easily and online, once and for all.”

Next story loading loading..