X
CNET logo Why You Can Trust CNET

Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Reviews ethics statement

Blu phone maker settles with FTC over data privacy

The company, which makes low-priced phones popular on Amazon, reaches an agreement that subjects it to third-party security reviews for the next 20 years.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
2 min read
Blu Life Play

Blu has reached a settlement with the FTC over privacy concerns with its phones. 

Sarah Tew/CNET

The company behind low-priced, top-selling phones on Amazon has reached a settlement with the US Federal Trade Commission over privacy practices.

After security researchers discovered in 2016 that Blu's phones were sending personal data -- including text messages, contact lists and locations -- to servers in China, the Florida-based company said it would update the software to fix the "mistake." Eight months later, the same security researchers found that Blu phones were still siphoning off the same data to Chinese servers.  

The issue is tied to preinstalled software from a company called Shanghai Adups Technology. The software, which Blu uses to help update phones, mined data and couldn't be removed. Blu didn't tell consumers their phones were sending that data to Chinese servers, according to the FTC.

On Monday, the FTC announced that it has reached a settlement with Blu, in which the company agrees to a security plan regarding security risks with all its devices, both new and old. Blu will also be required to undergo third-party checks every two years for the next 20 years. Blu and its president, Samuel Ohev-Zion, will also be prohibited from misleading the public about how it protects people's privacy. 

Blu didn't respond to a request for comment. 

Breaking the terms of the settlement could result in a fine of up to $41,484 for each violation, according to FTC. Blu has sold more than 50 million devices and is still among the top 5 selling unlocked phones on Amazon.  

After Amazon learned of Blu's privacy issues last July, it briefly suspended the company from selling on its website but let Blu return in about a week

The settlement isn't final. It's open for public comment until May 30. 

Blockchain Decoded:  CNET looks at the tech powering bitcoin -- and soon, too, a myriad of services that will change your life.

Follow the Money: This is how digital cash is changing the way we save, shop and work.