Two Users of Muslim Pro Threaten Legal Action Over Leaked Location Data
Foxglove has supported two users of Muslim Pro threaten legal action over leaked location data.
A married Muslim couple who use one of the world’s most popular prayer apps, Muslim Pro, have sent a legal letter threatening action over the misuse of their location data – the likely sale of access to their whereabouts without consent to the US military.
In their letter, London residents Najah al-Mujahed and Baraa Shiban demand that Muslim Pro account for its reported failure to protect the data of its millions of users, explain exactly which entities have accessed the couple’s location data, and take steps to retrieve their data from any entities who have received it unlawfully.
Last week, Joseph Cox reported for Vice that access to the location data of over 98 million users of Muslim Pro had potentially passed – without users’ knowledge or consent – from the Muslim Pro app, through a network of shady data brokers, to US military consumers including the US Special Operations Command.
Muslims generally use Muslim Pro to track prayer times and to locate Mecca to pray when outside their homes.
Selling access to users’ location data without informed consent violates the General Data Protection Regulation (GDPR). As well as giving Mr Shiban and Ms al-Mujahed a right to insist their data be deleted and retrieved from people who have accessed it unlawfully, the GDPR sets out significant monetary penalties in cases of major international data breaches – up to 20 million Euros or 4% of a company’s annual turnover, whichever is higher.
After the Vice story went viral, Muslim Pro issued a hasty statement a) denying knowledge of the transfer of its users’ location data to the US military and b) claiming that the contract with location data broker X-Mode was just four weeks old and was immediately terminated.
Foxglove is supporting the couple’s legal action because it could shed light on a vastly under-regulated part of the data market – the traffic in location data from popular smartphone apps through a sea of intermediaries.
Ms al-Mujahed and Mr Shiban are Yemenis who have lived for years in London. They work in diplomacy and international human rights—work that requires regular travel to sensitive and potentially risky locations in the Middle East and North Africa. They are deeply concerned at the apparent misuse of their location information and its transfer to US authorities.
You can sign up to get updates about this case and others like it, by signing up to our mailing list below.