The Location Data Broker Industry
80 California-registered data brokers collect precise geolocation data. 12 of them also collect reproductive-health-adjacent or minors\u2019 data. The FTC has issued 5 major enforcement actions against location brokers since 2024. This is the industry, the enforcement, and the opt-out path.
Location brokers identified
80
FTC enforcement actions (2024)
5
Also collecting sensitive data
12
FTC enforcement actions against location data brokers (2024)
The FTC has pursued an unprecedented wave of enforcement against location data brokers since early 2024. Each of these actions establishes precedent and creates industry-wide compliance pressure.
X-Mode Social / Outlogic
2024-04Permanent ban on selling sensitive location data
First FTC order permanently banning a data broker from selling sensitive location data. X-Mode/Outlogic failed to remove sensitive locations (medical clinics, places of worship) from raw data it sold until May 2023.
Mobilewalla
2024-12Ban on selling sensitive location data; restrictions on ad-auction data use
FTC’s first case alleging that collecting consumer data from online ad auctions for purposes other than participating in those auctions is an unfair act. Mobilewalla banned from selling sensitive location data revealing private-home identity.
InMarket Media
2024-01Prohibition on selling precise location data
FTC settled with InMarket for collecting and using precise location data to create targeted advertising segments without obtaining user consent.
Gravy Analytics / Venntel
2024-12Sale restrictions; deletion of historical sensitive location data
FTC alleged Gravy Analytics and its subsidiary Venntel unlawfully tracked consumers at sensitive locations including healthcare facilities, military bases, and places of worship. Ordered to delete historical data and implement sensitive-location list.
Avast
2024-02Ban on selling web browsing data for advertising · $16.5M
Avast’s subsidiary Jumpshot sold user web-browsing data to advertisers after promising users that antivirus-related data collection would protect them. $16.5M settlement; permanent ban on selling or licensing web browsing data for advertising purposes.
80 California-registered location data brokers
Companies that self-reported collecting precise geolocation data in their California Privacy Protection Agency registry disclosure. Source: The Markup + CalMatters data-broker investigation. Click a broker to open its opt-out page directly.
"repro" = collects reproductive-health-adjacent data \u00b7 "minors" = collects data on minors \u00b7 "hiding" = caught using noindex/robots.txt to hide opt-out page
Stop location tracking at the source
Opt out of location data brokers for $2
OfflistMe generates CCPA-compliant deletion requests for major location brokers in one run. Send from your own inbox.
Start for $2 →FAQ
What is a location data broker?+
A location data broker specifically collects, aggregates, and sells data about where a person or device physically is — typically from mobile device SDKs embedded in apps. The data is precise enough to identify visits to hospitals, churches, abortion clinics, gun ranges, courthouses, and other sensitive places. Major examples: X-Mode, Mobilewalla, Venntel, Cuebiq, InMarket, Gravy Analytics.
How do location data brokers get my location?+
Mobile apps embed SDKs (software development kits) from location data brokers. Free weather, dating, flashlight, and game apps are common carriers. When you grant the app location access, the SDK relays that data back to the broker. You may have given this permission indirectly when installing any of dozens of apps.
Is this legal?+
The legal landscape is tightening. The FTC has issued five major enforcement actions against location data brokers since 2024 (X-Mode, InMarket, Mobilewalla, Gravy Analytics, Avast) under Section 5 unfair practices. Washington’s MHMDA requires opt-in consent for health-adjacent location data. California CCPA requires opt-out of sale. Outside the US, GDPR Article 9 treats precise geolocation as sensitive data requiring explicit consent.
How do I stop location data brokers from tracking me?+
Three layers. (1) iOS/Android: revoke location permissions for apps that don’t need them; use "only while using the app" everywhere; enable "Ask next time" regularly. (2) Advertising identifier: reset and limit ad tracking (iOS: Settings > Privacy > Tracking; Android: Settings > Privacy > Ads). (3) Direct opt-out: send deletion requests to each broker. OfflistMe covers major location brokers in the $2 run.
Does "incognito" or VPN stop location brokers?+
No. Incognito mode affects browser history only; VPNs mask your IP but not device-level location permissions. Location data brokers get data from SDKs inside apps that have direct GPS access — none of which is affected by incognito or VPN. The only reliable stops are revoking app permissions and sending deletion requests.
Can I sue a location data broker?+
Rarely under federal law. Under Illinois BIPA, if the broker collects biometric data alongside location, there is a private right of action with $1,000-$5,000 per violation. Washington MHMDA includes a private right of action via the state Consumer Protection Act for health-data violations. Most other state and federal claims must go through the AG or FTC.