Nowadays, almost every app you download asks for location permissions, which means it wants to track your location and movements. For an app like Google Maps, requesting location access makes perfect sense. It is also reasonable Apps like Uber or DoorDashwhich relies on location for its services.
However, many apps that have nothing to do with location still ask for it, and we often grant these permissions without thinking twice. When you give an app access to your location, that data is stored and, in some cases, may be sold. According to Texas Attorney General Ken Paxton, this practice is not uncommon.
A recent lawsuit filed by Paxton alleges that insurance company Allstate collected and sold location data 45 million American smartphones.
Introducing the latest and greatest AIRPODS PRO 2
Illustration of a company tracking customer data. (Kurt “CyberGuy” Knutson)
Allstate was allegedly collecting and stealing data
In a press releasePaxton announced that he has filed a lawsuit against Allstate and its subsidiary, Arity, for illegally collecting, using and selling data about the location and movements of Texas residents’ cell phones. The data was collected through software secretly integrated into mobile applications, such as Life360. “Allstate and other insurance companies then used the secretly obtained data to justify raising insurance rates in Texas.” The press release stated that.
The insurer allegedly collected trillions of miles worth of location data from more than 45 million Americans nationwide. The data was reportedly used to build “the world’s largest driving behavior database.” When customers sought a quote or renewed their coverage, Allstate and other insurers allegedly used the database to justify raising their auto insurance premiums.
What is artificial intelligence (AI)?
Paxton claims the actions violated the law Texas data privacy and security law. The lawsuit alleges that customers were not clearly informed that their data was being collected and did not consent to the practice.
“Our investigation revealed that Allstate and Arity paid mobile apps millions of dollars to install Allstate’s tracking software,” Paxton said. “Millions of Americans’ personal data was sold to insurance companies without their knowledge or consent in violation of the law. Texans deserve better and we will hold all of these companies accountable.”
We’ve reached out to Allstate and Arity for comment. A representative for Allstate Corporation provided CyberGuy with this statement: “Arity helps consumers get the most accurate auto insurance quote after they agree in a simple, transparent manner that fully complies with all laws and regulations.”
Illustration of a person showing how company tracking works. (Kurt “CyberGuy” Knutson)
A massive security vulnerability that puts most popular browsers on Mac at risk
Automakers seem to do this all the time
Car manufacturers have also been accused of selling similar data to insurance companies. Last year, Paxton sued General Motors for allegedly collecting and selling the private driving data of more than 1.5 million Texans to insurance companies without their knowledge or consent. In addition to insurance companies, data brokers are frequent buyers of customer data. Critics say these brokers fail to adequately protect information, making it vulnerable to hackers. Earlier this month, The hackers claimed For hacking Gravy Analytics, a major location data broker and parent company of Venntel, known for selling smartphone location data to US government agencies.
Illustration of a hacker looking into someone’s personal data. (Kurt “CyberGuy” Knutson)
How to remove your private data from the Internet
5 ways to stay safe from unwanted tracking
1. Avoid installing the insurance company’s app: Many insurance companies encourage users to download their apps to “simplify” claims, payments, or policy management. However, these apps often collect and track your location data under the guise of improving their services. If the app isn’t strictly necessary, manage your account through the company’s website or contact customer service directly instead.
2. Do not grant site permissions unnecessarily: When an app requests location access, ask yourself whether it really needs this information to function. For example, a weather app might need rough location data, but a flashlight app doesn’t. Always choose “Deny” or “Allow only while using the app” unless absolutely necessary. Most modern devices also allow you to provide an approximate location rather than an exact location, which is a safer option when location access is unavoidable.
3. Review and manage app permissions regularly: Over time, you may forget which apps have been granted permissions. Regularly go to your device’s app settings to check and adjust permissions. On most devices, you can access this below Settings > privacy > App permissions (Specific steps vary by operating system.) Revoke access to any apps you don’t need or look suspicious.
Get FOX Business on the go by clicking here
4. Turn off location services when not in use: Turn off location services when you don’t need them. This reduces the chances of apps or devices passively tracking you in the background. For tasks like mapping or food delivery, turn location services on temporarily, then turn them off when you’re done. For added safety, avoid contacting Public Wi-Fi service networks, which can also be used to indirectly track your location.
5. Use privacy-focused tools and apps: Invest in tools designed to protect your privacy. VPNs can hide your online location and prevent unwanted tracking while browsing. VPNs will also protect you from those who want to track and potentially determine your location and the websites you visit. For the best VPNs, see my expert review of the best VPNs for browsing the web privately on your device Windows, Mac, Android and iOS devices
Beware of encrypted PDF files as the latest trick to deliver malware to you
Key takeaway for Kurt
If Allstate is indeed illegally collecting and selling people’s location data, Attorney General Paxton is right to hold them liable by filing a lawsuit. In an age where cybercriminals exploit every opportunity to defraud individuals, companies that fail to protect customer data are unacceptable and must face the consequences. Data has become the new oil, and everyone seems keen to exploit it – often to the detriment of ordinary people. Companies that prioritize profits over privacy erode trust and put consumers at risk, making it necessary to enforce strict accountability for such practices.
CLICK HERE TO GET THE FOX NEWS APP
Do you think companies like Allstate should be required to make their data practices fully clear to customers? Let us know by writing to us at Cyberguy.com/Contact
For more tech tips and security alerts, sign up for the free CyberGuy Report newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or tell us what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most frequently asked questions about CyberGuy:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
