Location & Geolocation Data Brokers

Your phone is the product

Location Data Brokers: Your Phone is the Product

Location data brokers collect precise GPS coordinates from your smartphone, typically through SDKs embedded in apps or through the real-time ad bidding process. This data reveals where you live, work, worship, seek medical care, and who you associate with. It is among the most sensitive data collected about you.

Gravy Analytics / Unacast / Venntel

What they are: Gravy Analytics merged with Norwegian-founded Unacast in November 2023, creating one of the largest location data companies.^[1] Its wholly-owned subsidiary Venntel is a government contractor selling the same data to law enforcement.^[2]

What data they have: More than 17 billion location signals daily from approximately 1 billion smartphones.^[2] They do not embed SDKs directly into apps; they acquire all data indirectly through other data brokers including Complementics, Predicio, and Mobilewalla.^[3]

Who buys it: Venntel's customers include ICE, CBP, FBI, DEA, and IRS.^[4] Commercial customers include advertisers and analytics firms.

Enforcement: The FTC took action against Gravy and Venntel on December 3, 2024, for unlawfully selling sensitive location data tracking consumers at health facilities, places of worship, and other sensitive locations.^[2] The FTC finalized the order on January 14, 2025, prohibiting Gravy and Venntel from selling or using sensitive location data without a direct consumer relationship with affirmative opt-in consent, requiring a "sensitive location data program" identifying and blocking flagged categories, and ordering deletion of all historic precise location data and derived products.^[40] In January 2025, simultaneously with the finalized FTC order, Gravy suffered a massive data breach after a hacker accessed its AWS S3 cloud storage, exposing approximately 17 terabytes of location data covering millions of smartphones.^[5]

Outlogic (formerly X-Mode Social)

What they are: Collected location data from hundreds of apps including Muslim Pro, one of the most popular Muslim prayer apps worldwide (98+ million downloads).^[6] Renamed from X-Mode Social in August 2021 after public backlash over selling location data from Muslim prayer apps to the U.S. military. Acquired by Digital Envoy and rebranded as Outlogic.^[7]

Who buys it: Pentagon contractors, commercial advertisers.^[6]

Enforcement: Banned by both Apple and Google app stores in December 2020.^[8] In January 2024, the FTC proposed an order banning Outlogic from selling precise location data — the FTC's first-ever such prohibition — finalized in April 2024.^[9]

Name history: X-Mode Social → Outlogic (Aug 2021, acquired by Digital Envoy) → FTC enforcement

Babel Street (Locate X)

What they are: Government contractor headquartered in Reston, Virginia.^[10] Sells location data through its "Locate X" product, which allows clients to draw digital fences around any location on earth and track every device that enters or exits.^[11]

Who buys it: CBP, ICE, FBI ($27 million contract for 5,000 Babel X social media surveillance licenses, March 2022^[12]), OFAC, U.S. Treasury^[13], Secret Service.^[14] Also provides social media intelligence (OSINT) across 200+ languages.^[15]

Fog Data Science (Fog Reveal)

What they are: Secretive company selling mass surveillance tools to local police departments. Claims "billions" of data points on "over 250 million" devices.^[16]

What they sell: Access through the Fog Reveal web application for under $10,000/year.^[16] Creates "patterns of life" analyses that track individuals' movements over time without requiring search warrants.^[17] Approximately 40 contracts across nearly two dozen law enforcement agencies.^[18]

Mobilewalla

What they are: Claims coverage of 40+ countries and 5+ years of historical data. As of 2021, Mobilewalla reported 1.9 billion+ devices and 50 billion mobile signals daily; the company has since updated these figures to 2.2 billion devices and 75 billion+ signals daily.^[19]

Enforcement: The FTC initially took action against Mobilewalla in December 2024 and finalized the order on January 14, 2025 — the first-ever FTC allegation that collecting data from real-time bidding (RTB) exchanges for non-advertising purposes constitutes an unfair practice.^[41] The order prohibits Mobilewalla from selling or using location data linked to religious organizations, LGBTQ+ venues, healthcare clinics, and labor union offices, bans misrepresentation of its data deidentification practices, and requires deletion of historic sensitive location data.

Kochava, Inc.

What they are: Idaho-based location data broker providing precise geolocation data and consumer profiles through "Kochava Collective."^[21]

Enforcement: Sued by the FTC in August 2022 for selling data tying individuals to sensitive locations including reproductive health clinics and places of worship.^[22] After nearly four years of litigation, Kochava reached a settlement with the FTC on February 27, 2026.^[42]^[43] The settlement requires Kochava to implement a "privacy block" feature for at least two years preventing the sharing or use of raw location data associated with healthcare facilities, schools, jails, and other sensitive venues, and to obtain consent attestations from data sources claiming to have direct consumer relationships.

InMarket Media

What they are: Location data company.

Enforcement: Subject of a 2024 FTC settlement that banned InMarket from selling or sharing precise consumer location data and from targeting consumers based on sensitive location data.^[23] The order, finalized in May 2024, also required deletion of all previously collected location data.^[24]

Foursquare (absorbed Factual)

What they are: Merged with Factual in April 2020, combining two of the largest location datasets in the world: 500 million+ devices, 25 million opted-in users, 105+ million points of interest across 190 countries.^[25] At the time of the merger, the combined entity generated $150+ million in annual revenue across more than 20 global markets, trusted by Microsoft, Uber, Samsung, Snap, and more than half of the Fortune 100.^[25]

SafeGraph

What they are: Sold location data including Planned Parenthood visit data; Vice/Motherboard purchased a week's worth of location data for over 600 Planned Parenthood locations for just over $160.^[26] Agreed to permanently stop selling data collected at abortion clinics after pressure from Senator Elizabeth Warren and Congressional colleagues.^[27] Purchased location data from the family safety app Life360.^[28] Spun off its academic data access program into a separate company called Dewey Data in 2022.^[29]

Near (formerly Near Intelligence)

What they are: Described itself as "The World's Largest Dataset of People's Behavior in the Real-World" with data representing 1.6 billion people across 44 countries.^[30] Filed for Chapter 11 bankruptcy on December 8, 2023.^[31] Assets were subsequently sold through bankruptcy court to a new entity called Azira.^[32]

Criminal charges: In August 2025, the DOJ's Southern District of New York indicted Near Intelligence founder and CEO Anil Mathews and CFO Rahul Agarwal, along with MobileFuse CEO Kenneth Harlan, on securities fraud charges. Prosecutors alleged a scheme to fraudulently inflate Near's reported revenue by approximately $25 million. Mathews was arrested in France pending extradition proceedings.^[44]

Other Location Data Brokers

Placer.ai – Foot traffic analytics for retail and real estate. Committed to permanently stop selling abortion clinic visit data after Congressional pressure from Senator Elizabeth Warren.^[27]

Cuebiq – Geo-behavioral targeting. Privacy-centric positioning.

GroundTruth (formerly xAd) – Location-based marketing and advertising. Rebranded from xAd in June 2017.^[33]

PlaceIQ – Consumer movement patterns for advertisers.

NinthDecimal (formerly JiWire) – Mobile audience location insights. Rebranded from JiWire in June 2014.^[34]

Predicio – Paris-based intermediary purchasing app-derived location data and selling to companies like Gravy Analytics.^[35]

Complementics – Claims data on "more than a billion mobile device IDs."^[36] Sold data to Gravy Analytics.

MaxMind – IP geolocation databases for content personalization and fraud prevention.

Digital Envoy – Patented IP-based geotargeting technology (through its Digital Element division). Acquired X-Mode Social in August 2021 and rebranded it as Outlogic.^[7]

General Motors / OnStar – Sold precise geolocation and driving behavior data from millions of connected vehicles to consumer reporting agencies, which used it to set auto insurance rates — collected as frequently as every 3 seconds per vehicle. Subject of FTC enforcement;^[46] order finalized January 14, 2026 imposes a 5-year ban on sharing data with CRAs and a 20-year affirmative consent requirement.^[47] See also: Vehicle & Driving Data section.

Arity (Allstate): SDK-Embedded Mass Location Surveillance

What they are: Arity is an Allstate subsidiary that collects driving behavior and precise geolocation data through SDKs embedded in third-party apps — including Life360, GasBuddy, and others — without clearly disclosing to users that their data would be sold to insurers. Arity claimed coverage of over 45 million consumers.^[45]

Enforcement: On January 13, 2025, the Texas Attorney General filed suit against Allstate and Arity, becoming the first enforcement action under the Texas Data Privacy and Security Act (TDPSA) — and the first enforcement action under any state comprehensive consumer data privacy law in the United States. The complaint alleged that Arity collected and sold consumers' sensitive geolocation data without required disclosures or consent.^[45] As of March 2026, no resolution had been announced.

Life360: The Family Safety App That Sold You Out

Life360, used by approximately 33 million people globally at the time of the investigation (the app has since grown to over 95 million monthly active users^[37]), was investigated by The Markup in December 2021 for selling precise location data to approximately a dozen data brokers.^[28] After announcing it would stop, the company was later found creating audience segments based on user location visits and selling them through LiveRamp's Data Marketplace in August 2024.^[38] A class action lawsuit (E.S. v. Life360) was filed in January 2023 alleging Life360 secretly sold users' geolocation data, but the case was voluntarily dismissed with prejudice in November 2023.^[39]

Sources

[1] PR Newswire: Gravy Analytics/Unacast Merger (Nov 29, 2023)

[2] FTC: Gravy Analytics/Venntel Enforcement (Dec 3, 2024) – Venntel wholly-owned subsidiary; 17B signals daily, ~1B devices

[3] FTC Complaint: Gravy Analytics – No direct SDKs; acquires data from Complementics, Predicio, Mobilewalla

[4] EFF: How the Federal Government Buys Our Cell Phone Location Data – Venntel customers: ICE, CBP, FBI, DEA, IRS

[5] TechCrunch: Gravy Analytics Data Breach (Jan 2025) – 17TB of location data exposed via AWS S3

[6] Vice/Motherboard: U.S. Military Buys Location Data from Muslim Pro via X-Mode

[7] Technical.ly: X-Mode Rebranding as Outlogic After Digital Envoy Acquisition (Aug 2021)

[8] Vice: Apple and Google Push X-Mode Out of App Stores (Dec 2020)

[9] FTC: X-Mode/Outlogic Final Order – First-Ever Location Data Sale Ban (Apr 2024)

[10] Dun & Bradstreet: Babel Street, Inc. (Reston, VA)

[11] KrebsOnSecurity: The Global Surveillance Free-for-All in Mobile Ad Data – Locate X geofencing product description

[12] FedScoop: FBI Purchases 5,000 Babel X Licenses ($27M, March 2022)

[13] The Intercept: U.S. Treasury Is Buying Private App Data via Babel Street – OFAC use of Locate X

[14] Vice: Secret Service Bought Phone Location Data from Babel Street

[15] Babel Street: OSINT Streams – 200+ languages

[16] EFF: Inside Fog Data Science – Billions of data points, 250M+ devices, under $10K/year

[17] PBS News: Fog Reveal “Patterns of Life” Mass Surveillance

[18] AP/PBS: ~40 Contracts Across Nearly Two Dozen Agencies (via GovSpend)

[19] The Markup: The Multibillion-Dollar Market for Phone Location Data – Mobilewalla 40+ countries, 1.9B+ devices, 50B signals (2021 figures)

[20] FTC: Mobilewalla Enforcement – First RTB Data Collection Prohibition (Dec 2024)

[21] Kochava: Kochava Collective – Mobile data marketplace

[22] FTC: Kochava Lawsuit (Aug 2022) – Reproductive health clinics, places of worship

[23] FTC: InMarket Precise Location Data Ban (Jan 2024)

[24] FTC: InMarket Final Order (May 2024) – Required deletion of all previously collected location data

[25] Foursquare: Factual Merger (Apr 2020) – 500M+ devices, 25M users, 105M+ POI, $150M+ revenue, Fortune 100

[26] Vice: SafeGraph Sold Planned Parenthood Location Data ($160 for 600+ locations)

[27] Sen. Warren: SafeGraph and Placer.ai Commit to Stop Selling Abortion Clinic Data

[28] The Markup: Life360 Selling Location Data to ~Dozen Brokers (Dec 2021)

[29] SafeGraph: Dewey Data Partnership / Spinoff (2022)

[30] Crunchbase: Near Intelligence – 1.6B people, 44 countries

[31] BusinessWire: Near Intelligence Chapter 11 Filing (Dec 8, 2023)

[32] Azira: About – Successor entity to Near Intelligence

[33] PR Newswire: xAd Rebrands as GroundTruth (June 2017)

[34] AdExchanger: JiWire Becomes NinthDecimal (June 2014)

[35] Datarade: Predicio (Paris-based location data intermediary)

[36] The Markup: Complementics – Billion+ Mobile Device IDs

[37] GlobeNewsWire: Life360 Q4 2025 Results – 95.8M monthly active users

[38] The Capitol Forum: Life360 Selling Audience Segments via LiveRamp (Aug 2024)

[39] ClassAction.org: E.S. v. Life360 (Filed Jan 2023, Dismissed Nov 2023)

[40] FTC: Gravy Analytics / Venntel Final Order (Jan 14, 2025) – Prohibits sale of sensitive location data without affirmative opt-in consent from a direct consumer relationship; requires a "sensitive location data program" and deletion of all historic precise location data and derived products

[41] FTC: Mobilewalla Final Order (Jan 14, 2025) – First FTC allegation that collecting location data from real-time bidding (RTB) exchanges for non-advertising purposes is an unfair practice; bans sale of data linked to religious orgs, LGBTQ+ venues, healthcare clinics, and labor union offices

[42] The Record: Data Broker Kochava Agrees to Change Business Practices to Settle Lawsuit (Feb 2026)

[43] MediaPost: Data Broker Kochava Reaches Privacy Deal With FTC (Feb 27, 2026) – "Privacy block" feature required for at least 2 years for healthcare facilities, schools, jails, and other sensitive venues

[44] DOJ SDNY: Executives of Data Intelligence and Mobile Advertising Companies Charged in Connection With Securities Fraud Scheme (Aug 2025) – Near Intelligence CEO Anil Mathews, CFO Rahul Agarwal, and MobileFuse CEO Kenneth Harlan indicted; ~$25M revenue inflation scheme; Mathews arrested in France

[45] Hunton Andrews Kurth: Texas AG Sues Allstate for Violations of Texas Privacy Law – First Enforcement Action Under a State Comprehensive Data Privacy Law (Jan 2025) – Arity SDK in Life360 and other apps; 45M+ consumers; TDPSA first enforcement

[46] FTC: Takes Action Against General Motors for Sharing Drivers' Precise Location and Driving Behavior Data Without Consent (Jan 2025) – Sold driving/location data to consumer reporting agencies affecting auto insurance rates

[47] TechCrunch: The FTC's Data-Sharing Order Against GM Is Finally Settled (Jan 14, 2026) – 5-year CRA ban; 20-year affirmative consent requirement for connected vehicle data