Lookout Faces Legal Threat For Exposing ‘Bad’ Android Adware

A mobile security firm could be sued for naming and shaming a host of advertising networks, which it claimed were particularly bad offenders when it came to pushing adware through Android apps, TechWeekEurope has learned.

Lookout Mobile Security‘s report, released last week, named a handful of companies in its adware report, including LeadBolt, Moolah Media, RevMob, SellARing and SendDroid. LeadBolt is now considering its legal options as it looks at the potential for a defamation case, whilst RevMob has expressed its own concerns at the report.

Lookout better look out

Lookout said it was blocking those networks for not requesting explicit and unambiguous user consent for various actions it deemed as adware-like behaviour, such as harvesting unusual personal data. It has been cracking down on “bad ad networks that put users at risk” since May.

Lookout said adware was a scourge affecting millions of mobile users. Adware can be an irritant, by bringing up ads or related push notifications even when apps aren’t running, or a security threat, by siphoning off user data without permission.

Advertising networks, like the ones named by Lookout, act as a middleman to monetise apps by hooking up with marketers, placing their ad code inside applications. That gets money for developers without them having to try too hard.

At least two of those networks are not happy with Lookout, however, and one of them, LeadBolt, is considering legal action. Michael Kadoury, an IP protection lawyer and director at LeadBolt, told TechWeek he was surprised to see his network in the report, given others who were not named were far worse offenders.

“We really are considering whether this is defamation by Lookout putting us on that list,” Kadoury said. “If we are seeing this is going to cause adverse affects on us unnecessarily, then I will have to follow it up with the legal path.”

LeadBolt’s director said the company did ask for explicit consent. “We’ve got to make sure there is informed consent there,” he added. “We oblige all our publishers to give clear, unambiguous consent.

“We also limit [push] notifications to one per day.” Kadoury said he knew of other networks who were pushing out notifications at the rate of one an hour, but were not named by Lookout.

“That’s why I’ve got a question over the validity [of the report],” he said. “The other thing that bothers me is that Lookout isn’t completely impartial.

“They are for profit, they definitely want to sell their products, which is all about creating fear… and that encourages people to buy it.”

He said LeadBolt was involved in research with the Communications Law Centre at the University of Technology in Sydney and the country’s privacy commissioner to look into mobile technology. LeadBolt is in line with Australian law, he added.

RevMob said it was complying with rules put in place by Google. “Be sure that we comply with all Google Play policies but some anti-virus companies want to impose their own standards which can cause the warning,” said Jan Christian, head of RevMob publisher relations.

“We talked to Lookout but we can’t change our product just because they think it was supposed to be different than Google’s own policies.”

A Lookout spokesperson told TechWeek it was “in communication with some ad networks who are considering adjusting their practices to comply with our standards”.

“Our intention is not to name or shame any of these companies. Rather, we want to inform our users of the existence of adware and provide app developers with guidance and best practices for user notice and consent,” the mobile security said.

Think you know everything about Android? Try our quiz!