Miami-based BLU Products, a company founded in 2009 that quickly became a surprisingly popular low-cost unlocked smartphone vendor in the US, has been embroiled in several scandals over the past few years, but one in particular continues to haunt its co-owner and President.
Samuel Ohev-Zion is singled out and called out in the FTC’s latest press release for misleading consumers regarding a matter made public way back in November 2016. Ohev-Zion, along with BLU’s various PR channels, falsely claimed they limited “third-party collection of data from users of BLU’s devices to only information needed to perform requested services.”
In reality, Chinese contractor ADUPS Technology Co. LTD gathered far more data than what was essential to its security and OS updating processes, preserving the full content of private text messages, real-time location info, call and text message logs with associated telephone numbers, contact lists, and lists of applications used and installed on unauthorized servers.
BLU’s failure to implement “appropriate security procedures” continued even after ADUPS allegedly revised its software, promising to halt unlawful data collection actions, which is why the Federal Trade Commission is now stepping in.
Under the terms of a proposed settlement, BLU must implement and maintain a “comprehensive security program that addresses security risks associated with new and existing mobile devices and protect consumer information.”
To ensure that’s the case, the FTC is mandating third-party assessments of the US smartphone vendor’s security program every two years for the next two decades. Also, BLU and Ohev-Zion are “prohibited from misrepresenting the extent to which they protect the privacy and security of personal information”, which somehow was not previously required. There’s no word on any sort of financial penalty yet, so basically, BLU compromised all its users’ privacy, lied about protecting them, getting a slap on the wrist as “punishment.”