AppLovin Faces Regulatory Scrutiny Over Data Practices

Rapidly expanding tech company AppLovin is encountering stiff new regulations regarding its consumer data management. Reports indicate that multiple state attorneys general may be launching an investigation into the firm.

Based in Silicon Valley, AppLovin is a mobile advertising leader valued at over $200 billion, and it made headlines earlier this spring with a proposed acquisition of TikTok. However, this month has brought turbulence for the company, as the Securities and Exchange Commission (SEC) has initiated a probe into its data privacy practices.

The SEC is looking into whether AppLovin “misled investors” about its methods for data collection and ad targeting after short sellers claimed the firm improperly tracked users through digital “fingerprints” for targeted advertising.

This past Wednesday, AppLovin announced the closure of a product known as “Array.” An investigator in advertising alleged that this application was downloaded onto users’ devices without their permission. This revelation followed a claim made by Ben Edelman, a researcher engaged in short-selling, who mentioned finding source code that enabled these unauthorized downloads.

While Edelman’s claims are unverified, an AppLovin spokesperson maintained that “users must explicitly consent” to downloads and described “Array” as merely a test product.

Meanwhile, state regulators from Delaware, Oregon, and Connecticut have reportedly reached out to several short sellers, suggesting a preliminary investigation into AppLovin. Sources familiar with the matter indicate that this inquiry, which started in March and apparently continued into the summer, is centered on AppLovin’s data collection tactics.

The investigation is reportedly being spearheaded by Delaware and remains in the early stages. Several third-party data brokers linked to AppLovin have received subpoenas as part of this inquiry.

An attorney general’s office in Delaware stated they don’t comment on ongoing investigations.

In response to inquiries regarding this matter, AppLovin stated they have not been approached by any state attorney general about an investigation and pointed out that their advertising platform adheres to industry-standard policies concerning content.

Each state has its enforcement authority under laws designed to protect online users, especially concerning children under 13, such as the Children’s Online Privacy Protection Act (COPPA). Recently, a coalition of 33 states filed a lawsuit against an unnamed entity for alleged COPPA violations.

It’s unclear whether state investigators are specifically examining COPPA or other laws related to their investigation.

Despite these allegations, AppLovin’s growth trajectory seems mostly unaffected. Its interest in AI-driven software for app monetization has attracted significant attention, leading to an 80% surge in stock value this year, with the company recently joining the S&P 500.

Founded in 2012 by Adam Foroughi, John Krystynak, and Andrew Karam, AppLovin initially specialized in mobile gaming but has shifted focus toward app monetization solutions.

However, earlier this year, short-selling reports from various firms raised concerns about AppLovin’s practices. The company firmly denied these claims, with one report accusing it of illegally tracking children and infringing on federal laws.

Supporting the allegations, Fuzzy Panda Research claimed that AppLovin assigned unique digital identifiers to child accounts marked as “Do Not Track,” which contradicts policies from Apple and Google.

They further alleged that AppLovin distributed explicit ads even when parental controls were activated, featuring concerning content directed toward children.

The report’s credibility is uncertain, as independent verification hasn’t been conducted.

Both Apple and Google disallow user “fingerprinting” in their terms of service, regardless of the user’s age, although changes were made to these policies in February.

In February, one firm claimed to have evidence showing that AppLovin exploited app privileges to secretly install apps on users’ phones with minimal interaction. Research indicated a pattern of forced downloads linked to AppLovin’s Array product, with users experiencing unrequested installations while viewing ads.

Foroughi has previously denied these allegations, emphasizing that AppLovin upholds app store regulations and does not track children’s data.

These claims arise during a period when Congress is intensifying efforts to safeguard minors online, particularly in the wake of serious incidents involving underage users facing harmful content.

This year, senators proposed an updated version of COPPA aimed at banning targeted advertisements aimed at individuals under 17.

Additional legal actions have been initiated, including a lawsuit from a California individual who asserts that AppLovin tracked her movements without her consent, despite disabling location tracking on her device. This complaint alleges that AppLovin employed reverse IP lookup technology to obtain personal data for profit.