“This location data is private to you and is stored securely on ProudCrowd, LLC servers. It will not be shared with anyone including government entities or third parties, unless you consent or ProudCrowd is compelled under federal regulations.”
There’s only one problem: It isn’t true. Researchers at Jumbo Privacy analyzed the app and found that it was sharing user location data with FourSquare. To make matters even worse, the anonymized code was sent to FourSquare along with a device’s Advertiser Identifier (IDFA). As Jumbo Privacy states, “An IDFA is an identifier that is shared across all apps on your phone, and often leaked by third-party SDKs, along with personal information.”
ProudCrowd is perfectly illustrating why Apple and Google have fought so hard to build their contact tracing API with a focus on privacy. Even when using the API, there is still room for abuse.