These days, almost every app you download asks for location permissions, which means it wants to track where you are and what you move. For an app like Google Maps, requesting location access makes perfect sense. It is also reasonable for apps like Uber or DoorDashthat depend on location for their services.
However, many apps that have nothing to do with location still ask for it, and we often grant these permissions without thinking twice. When you give an app access to your location, that data is stored and in some cases even sold. According to Texas Attorney General Ken Paxton, this practice is not uncommon.
A recent lawsuit filed by Paxton alleges that the insurance company Allstate collected and sold location data 45 million American smartphones.
I’M GIVING AWAY THE LATEST AND BEST AIRPODS PRO 2
Illustration of a company that keeps track of customer data. (Kurt “CyberGuy” Knutsson)
Allstate allegedly collected and stole data
In one press releasePaxton announced that he had sued Allstate and its subsidiary Arity for unlawfully collecting, using and selling data on the location and movements of Texans’ cellphones. The data was collected through covertly embedded software in mobile apps, such as Life360. “Allstate and other insurers then used the secretly obtained data to justify raising Texans’ insurance rates,” said the press release.
The insurance company is said to have collected trillions of miles of location data on more than 45 million Americans across the country. The data has reportedly been used to build “the world’s largest driver behavior database.” When customers sought a quote or renewed their coverage, Allstate and other insurance companies allegedly used the database to justify increasing auto insurance premiums.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Paxton claims the actions violated the Texas Data Privacy and Security Act. The lawsuit alleges that customers were not clearly informed that their data was being collected and that they did not consent to this practice.
“Our investigation revealed that Allstate and Arity mobile apps paid millions of dollars to install Allstate’s tracking software,” Paxton said. “Millions of Americans’ personal information has been sold to insurance companies without their knowledge or consent, in violation of the law. Texans deserve better and we will hold all of these companies accountable.”
We’ve reached out to Allstate and Arity for comment. A representative from Allstate Corporation provided CyberGuy with the following statement: “Arity helps consumers get the most accurate auto insurance price after opting in, in a simple and transparent manner that is fully compliant with all laws and regulations.”
Illustration of a person explaining how company tracking works. (Kurt “CyberGuy” Knutsson)
HUGE SECURITY Flaw PUT MAC’S MOST POPULAR BROWSERS AT RISK
Apparently car manufacturers do this all the time
Automakers have also been accused of selling similar data to insurance companies. Last year, Paxton sued General Motors for allegedly collecting and selling the private driving data of more than 1.5 million Texans to insurance companies without their knowledge or consent. In addition to insurance companies, data brokers are frequent buyers of customer data. Critics say these brokers fail to adequately protect the information, leaving it vulnerable to hackers. Earlier this month, hackers claimed to have breached Gravy Analytics, a major location data broker and the parent company of Venntel, which is known for selling smartphone location data to US government agencies.
Illustration of a hacker viewing someone’s personal information. (Kurt “CyberGuy” Knutsson)
HOW TO DELETE YOUR PRIVATE DATA FROM THE INTERNET
5 ways to stay safe from unwanted tracking
1. Avoid installing the insurance company app: Many insurance companies encourage users to download their apps to “simplify” claims, payments or policy management. However, these apps often collect and track your location data under the guise of improving their services. If the app is not absolutely necessary, manage your account via the company’s website or contact customer service directly.
2. Don’t grant unnecessary location permissions: When an app asks for location access, ask yourself if it really needs this information to function. For example, a weather app might need approximate location data, but a flashlight app might not. Always choose ‘Deny’ or ‘Allow only while using the app’ unless absolutely necessary. Most modern devices also allow you to provide an approximate location rather than an exact location, which is a more secure option when access to the location is unavoidable.
3. Check and manage app permissions regularly: Over time, you may forget which apps have been granted permissions. Periodically browse your device’s app settings to check and adjust permissions. On most devices you can access this via institutions > privacy > app permissions (specific steps vary by operating system). Revoke access for apps that don’t need it or seem suspicious.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
4. Disable location services when not in use: Turn off location services if you don’t need them. This reduces the chance of apps or devices passively tracking you in the background. For tasks like creating maps or delivering food, turn location services on temporarily and turn them off when you’re done. For extra security, you should not connect to public wifi networks, which can also be used to track your location indirectly.
5. Use privacy-focused tools and apps: Invest in tools designed to protect your privacy. Virtual private networks (VPNs) can mask your location online and prevent unwanted tracking while browsing. VPNs also protect you from those who want to track and identify your potential location and the websites you visit. For the best VPN software, see my expert review of the best VPNs for privately surfing the web Windows, Mac, Android and iOS devices
BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU
Kurt’s most important takeaway
If Allstate is indeed unlawfully collecting and selling people’s location data, Attorney General Paxton is right to hold them accountable by filing a lawsuit. In an age where cybercriminals use every opportunity to defraud individuals, companies that fail to protect customer data are unacceptable and must face the consequences. Data has become the new oil and everyone seems eager to tap into it – often at the expense of ordinary people. Companies that put profit over privacy undermine trust and put consumers at risk, making it critical to enforce strict accountability for such practices.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Do you think companies like Allstate should be required to make their data practices crystal clear to customers? Let us know by writing to us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter by visiting Cyberguy.com/Newsletter
Ask Kurt a question or let us know which stories you would like us to cover.
Follow Kurt on his social channels:
Answers to the most frequently asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
