The problem with App Annie (or: is the Wild West of Mobile being tamed?)

Last week, the US SEC brought an action against App Annie and its former CEO, Bertrand Schmitt. The SEC stated that the action is the first it has ever taken against a provider of “alternative data”; through a settlement, App Annie will pay a $10MM fine.

Most operators in mobile are familiar with App Annie: it offers an analytics tool that provides estimates of revenue and engagement, among other things, for mobile apps. Mobile developers subscribe to companies like App Annie (often referred to as “App Intelligence” providers) to gather insights on competitors and to perform general market research. But app intelligence tools also count institutional investors as clients: hedge funds and other public markets investors that use these services to make investment decisions.

App Annie provided a free analytics tool called “Connect” that allowed developers to track the performance of their apps by giving App Annie API access to their storefront accounts on the App Store and Google Play. With this access, App Annie had full transparency into the revenue and install counts for these clients’ apps; as part of its Terms of Service, App Annie was allowed to use this data in an aggregated, anonymized way to build statistical models that could project install and revenue performance across the Top Grossing and Top Downloaded charts (eg. knowing install and revenue data for some subset of apps at various positions on the app store charts, App Annie could generate estimates for those metrics for all chart positions).

The SEC alleges that, between late 2014 and mid-2018, App Annie committed fraud: not only did it not exclusively use the data it harvested from Connect client accounts in an aggregated, anonymized way, but it also misled investor clients for its paid insights product about the provenance of its estimates. Because App Annie had access to actual performance data for many apps, it manually adjusted the output of its models when that output diverged materially from the real values. From the SEC’s filing:

To make these manual alterations, the Delivery Team looked at confidential Connect Data, including public company app performance data. The Delivery Team was not trained or supervised by anyone in the Company’s Data Science group and did not document which estimates were adjusted or what changes were made. There was no statistical basis for these post-model alterations. The only purpose of these alterations was to make the estimates closer to the actual metrics … Schmitt approved the creation and use of this manual alteration process because he believed it was cheaper and more effective at making the estimates closer to the actual results than a process that would have complied with the Connect Terms of Service, such as having data scientists research and implement improvements to the statistical model itself.

Essentially, App Annie had access to specific apps’ actual performance metrics and fed those into a model that output estimates for a very large number of apps. Connect clients agreed to have their data harvested if it was only used as an input to a model, and institutional investors agreed to pay for App Annie’s product if it only revealed to them model outputs. But in cases where the metrics estimates for specific apps digressed from the actual metrics beyond some threshold, the company used the actual metrics to adjust those estimates. Neither App Annie’s institutional investor clients nor its Connect clients had agreed to participate in this scheme: Connect clients wouldn’t want their actual performance data made available to the public, and institutional investor clients wouldn’t want to receive non-public data. This is the genesis of the SEC’s action.

This kind of flagrant, flippant mis-use of customer data was more or less endemic on mobile in the period over which App Annie is accused of this behavior — and it persists to a lesser extent today. App Annie’s specific detriment, which invited the ire of a government agency’s scrutinty, is that institutional investors made up a sizeable proportion of its customer base: the SEC case refers to “more than 100 trading firms” as having purchased App Annie’s insight product. This peculiarity brought the company’s transgressions into the purview of the SEC. Compare this to certain corners of the ad tech ecosystem that more or less exist to traffic in user data: can a government agency like the FTC ever possess the political motivation to successfully thwart that behavior?

I have called the IDFA the “hydrocarbon of the mobile advertising ecosystem,” and I believe the degree to which it was used to build targeting profiles of users had become untenable. But government intervention didn’t obstruct the exploitation of the IDFA: Apple did, through its App Tracking Transparency (ATT) privacy policy. The mobile app economy has often been called the Wild West: regulated almost entirely by platform operators that function with near-total authoritative aplomb and supported by a non-consumer-facing industry, ad tech, not known for its stringent scruples. Is the App Annie case a one-off, isolated episode? Or is it a signal that the government might one day exert oversight on the ecosystem and tame the Wild West of Mobile?

Photo by Eniko Polgar on Unsplash