New Jersey Division of Consumer Affairs Obtains Settlement with Mobile App Developer That Allegedly Collected Consumer Information without Notice and Consent in Violation of State Law
NEWARK – The New Jersey Division of Consumer Affairs and Piscataway-based DealerApp Vantage, LLC (“DealerApp”), which develops mobile device applications (“apps”) for hundreds of motor vehicle dealerships internationally, have reached a settlement after the Division’s investigation of the alleged collection and dissemination of personal information from mobile app users without their knowledge or permission.
“Online consumers, like all other consumers, have the right to control who can view or transmit their sensitive and private personal information,” said Acting Attorney General John J. Hoffman. “This settlement will assure that the alleged violations of consumer privacy committed by DealerApp will no longer occur and will send a message to companies that violate their customers’ privacy that such conduct is unacceptable.”
DealerApp develops apps that are customized for each auto dealership by applying the branding of that specific dealership. The apps enable dealerships to market their vehicles and other services to customers and potential customers who download these apps onto their mobile device, such as a smart phone or tablet device. These apps are made available for download through the specific dealership’s website, along with various online app stores.
However, consumers who downloaded these apps were never informed that these apps transmitted personal information, not only to the dealership, but also to DealerApp. In addition, the dealerships that bought and utilized apps from DealerApp were also unaware that the company was transmitting the personal information of their customers to DealerApp.
The personal information collected by the apps and allegedly transmitted to DealerApp included the consumer’s name, email address, telephone number and the Vehicle Identification Number (VIN) of the vehicle purchased, among other data. The Division alleged that DealerApp failed to disclose to consumers that this data was being transmitted by DealerApp, in violation of the New Jersey Consumer Fraud Act. The Division also alleged that DealerApp transmitted certain information to third-party data analytics companies without disclosing this to consumers.
About 500 dealers world-wide, including 38 in New Jersey, are DealerApp clients.
“The number of threats to online privacy appear to be growing by the day,” said Steve Lee, Acting Director of the New Jersey Division of Consumer Affairs. “No one should be able to profit from the personal information of others that has been obtained through cyber fraud or violations of privacy.”
The Division of Consumer Affairs enforces the New Jersey Consumer Fraud Act, the New Jersey Computer-Related Offenses Act, and other laws that are intended to protect New Jerseyans against identity theft, unlawful invasions of privacy, and other computer-related violations.
As part of the settlement, DealerApp has agreed to pay $48,724.33 to the State, of which $38,000 is a civil penalty and the remainder is reimbursement of the State’s legal and investigative costs. Given DealerApp’s cooperation with the Division’s investigation, the Division agreed to suspend $26,224.33 of the payment amount, which will be vacated if no violations of the settlement terms occur during the next two years.
Among other things, under terms of the settlement, DealerApp must:
clearly and conspicuously disclose to its dealership customers the types of personal information it collects through its apps;
provide disclosures within its privacy policies that clearly and conspicuously disclose the types of personal information it collects from consumers through its apps;
provide disclosures within its privacy policies that clearly and conspicuously disclose its use of any third-party data analytics companies and what information such companies may collect from consumers’ use of its apps;
not sell, rent, or otherwise transfer personal information to persons or entities other than the dealership customer for which the mobile app in question was customized, without those consumers’ express consent or providing proper disclosure and offering a mechanism for opting-out such practice; and
- not engage in any unfair or deceptive acts or practices in the conduct of any business, and complying with all applicable laws and regulations in its future business dealings.
Investigator Brian Morgenstern and Team Leader Aziza Salikhova of the Division of Consumer Affairs Office of Consumer Protection conducted the investigation.
Deputy Attorneys General Glenn T. Graham, in the Division of Law’s Consumer Fraud Prosecution Section, and Elliott M. Siebers, of the Government and Healthcare Fraud Section, represented the State in this matter.
The Division's "Cyber Safe NJ" website includes important consumer protection information on "The Basics of Cyber Safety," "Preventing Identity Theft," and "Controlling Your Privacy."
Consumers who believe they have been cheated or scammed by a business, or suspect any other form of consumer abuse,
can file an online complaint with the State Division of Consumer Affairs by visiting
its website or by calling 1-800-242-5846 (toll free within New Jersey) or 973-504- 6200.
Follow the Division of Consumer Affairs on
Facebook , and check our online calendar of upcoming
Consumer Outreach events.
###
