Federal Trade Commission // Advertising Fraud // Surveillance Capitalism

Your Phone Was Never Listening. They Charged You Like It Was.

EvilCorporations.com Investigative Desk  |  Source: FTC Docket No. CDECISION, MindSift LLC

The Non-Financial Ledger

There is a specific kind of betrayal in this story that a fine of $25,000 will never address.

Imagine you own a small business. Maybe it’s a plumbing company, a dental practice, a local gym. You are not a tech person. You are a person who knows your trade and is trying to get customers through the door. A salesperson from a company with the backing of a large media brand, Cox Media Group, sits across from you and tells you something that sounds alarming but also exciting: your future customers are out there right now, talking to their spouses, their kids, their friends, about the exact service you offer. Their phones are listening. And for a fee, you can be the ad they see immediately after that conversation.

You are not crazy for finding that believable. You have heard the conspiracy theories. You have had the experience of talking about something and then seeing an ad for it. The pitch lands because it rhymes with a fear millions of people already carry. MindSift knew this. They named their product “Active Listening.” They wrote the words “Yes, your devices are listening to you” into their pitch materials. They built an entire service on the cultural anxiety around surveillance and then sold that anxiety back to small business owners as a premium product.

Those business owners paid real money, money they earned, for something that did not exist. They made business decisions, allocated budgets, maybe cut something else, based on a complete fiction. And the consumers on the receiving end of those ads, the people whose email addresses were scooped up from data brokers and sold without their knowledge, had no idea their contact information was being marketed as surveillance data.

The damage is not just financial. It is the erosion of trust. Small business owners who got burned here are less likely to invest in digital marketing again, even in legitimate tools. Consumers who find out their email was packaged and sold as if it were surveillance footage of their private conversations are right to feel violated, even though the “listening” never happened. The lie itself is the harm.

Legal Receipts

These are direct quotes from the FTC complaint, reproduced verbatim from the source document.

“Active Listening can ‘identify buyers based on real-time conversations.'”

• This claim is false on its face. The FTC found that no voice data was ever collected by the Active Listening service. There were no real-time conversations being identified. Buyers were being “identified” by purchasing pre-built email lists from third-party data brokers.
• This specific language appeared in sales presentations to small businesses between 2023 and mid-2024, meaning it was used repeatedly, across multiple customers, over an extended period.

“Active Listening technology [] harvest[s] virtually all pre-purchase discussions in real time around the specific keywords set, based on your company’s product or service.”

• The word “harvest” is doing a lot of work here. It suggests industrial-scale, real-time surveillance. The FTC confirmed there was no such harvesting. The technology described in this claim did not exist in MindSift’s product.

“Our platform consumes opted-in user behaviors that are unmatched to a user at the time of our acquisition. Our algorithm will use a personal identifier, most commonly an email address to match behaviors generated via Voice from IoT devices, Search, DSP’s [sic], Data Providers, Publishers and predict where they are in the ‘buying funnel’ and how likely they are to convert for a specific product or service based on other users that have displayed such behaviors. We generate a Custom Audience List that can be uploaded into variety of platforms, thus you will receive additional validation when Facebook or Google will match those users; validate they are opted in and serve ads. Voice related behaviors make up 40%-50% of behavior volumes we consume….”

• This was ghost-written by MindSift as a script for CMG sales reps to use when customers pushed back and asked hard questions about the legality of the service. MindSift did not send this to customers directly; they handed it to CMG to deploy, creating a layer of separation between themselves and the deception.
• The phrase “Voice related behaviors make up 40%-50% of behavior volumes we consume” is a specific, quantified claim designed to look like data. The FTC found it to be baseless. No voice behaviors were being consumed at any percentage.
• The claim that “Google will validate they are opted in” co-opts the reputations of major platforms to give a fraudulent product the appearance of legitimacy.

“all data we sell is sourced exclusively from users who have explicitly opted in to share their data.”

• The FTC found that MindSift did not obtain consent from consumers to collect or use voice data for marketing purposes. The “explicit opt-in” claim was false.
• MindSift’s own explanation for what “opt-in” meant reveals the sleight of hand: “You may not realize it, but when you download apps, set up new devices you ‘accept’ the terms, and those terms include allowing them to access your microphone.” The company was pointing to buried terms-of-service language in unrelated apps as proof of consent for its own data collection. That data collection was not happening.

Public Deception

The FTC complaint documents a systematic gap between what MindSift told customers and what was actually true about its product on every material dimension.

• MindSift claimed Active Listening used voice data from smart devices. The reality: no voice data was collected or used. The service was purchasing email lists from data brokers and reselling them at a markup.
• MindSift claimed consumers had explicitly opted in to the collection and use of their voice data. The reality: no consumer consent was obtained. MindSift retroactively pointed to generic app terms-of-service as consent, terms that consumers accepted without knowing they would be used to justify surveillance marketing by a company they had never heard of.
• MindSift claimed geographic targeting within a defined local radius, such as ten miles around specific zip codes. The reality: the lists generated included consumers from across the country, with only a fraction located anywhere near the advertising business.

Regulatory Gray Zones

MindSift’s defense of its consent claims relied on a deliberate misreading of existing privacy law, exploiting the gap between what “opt-in” means under law and what consumers understand it to mean.

• MindSift pointed to buried terms-of-service agreements in apps and devices as evidence that consumers had “consented” to voice data collection for marketing purposes. The logic: if a user accepted an app’s terms, and those terms included microphone access language, then any downstream use of that user’s data was permissible. This stretches consent doctrine far beyond any reasonable interpretation, but it exploits the fact that no single federal law clearly prohibits it in every context.
• The FTC found this consent argument false in this specific case because MindSift was not actually collecting voice data at all, so the consent question was moot. However, the underlying strategy of citing app ToS as blanket consent for third-party data resale is a gray zone that remains inadequately addressed by federal consumer protection law.
• The use of the phrase “opted-in user behaviors” in MindSift’s customer-facing materials mimics the language of legitimate data privacy frameworks without meeting any of their substantive requirements, exploiting regulatory vocabulary to suggest compliance that does not exist.

Profit-Maximization at All Costs

The core business model of Active Listening was arbitrage: buy cheap, sell expensive, and use a compelling fiction to justify the markup.

• The FTC complaint states directly that MindSift “resold these lists at a significant markup over the cost of the data.” The company’s entire margin depended on the surveillance story. Without the fiction of real-time voice monitoring, the product was a commodity email list with no premium justification.
• MindSift extended this model upward by partnering with CMG on a white-label basis, allowing a large, credible media company to resell the fraudulent service to its own small business customers. This multiplied the number of paying customers far beyond what MindSift could have reached independently, and it placed the reputational risk of the product on CMG’s salespeople rather than on MindSift itself.
• The FTC complaint notes that MindSift supplied CMG not just with the product but with the specific language for marketing materials, sales pitches, and responses to customer objections. This means MindSift was profiting from a deception while handing CMG the tools to execute it, a structure that maximized reach while minimizing MindSift’s direct exposure.

The Contractor Shield

MindSift built a three-layer structure that placed the consumer-facing deception at the furthest possible point from its own corporate identity.

• MindSift LLC operated in concert with 1010 Digital Works LLC and its sole member, Dmitriy Shteynbuk. The complaint names 1010 Digital as a direct collaborator in creating and offering Active Listening, but the FTC enforcement action and the $25,000 fine landed on MindSift, not on 1010 Digital or its sole member personally.
• CMG, a large media company, acted as the white-label reseller. Small business customers who purchased Active Listening through CMG were dealing with CMG’s brand, CMG’s salespeople, and CMG’s follow-up communications. MindSift’s name may never have appeared in those conversations at all.
• MindSift ghost-wrote the deceptive scripts that CMG’s salespeople delivered. The FTC describes this as “furnishing the means and instrumentalities for the commission of deceptive acts,” which is a separate count in the complaint from the direct misrepresentation count. This structure allowed MindSift to argue it was a back-end technology provider while its own language was coming out of CMG representatives’ mouths.

Supply Chain Complicity

The fraud in this case was not built on proprietary technology. It was built on a commodity data supply chain that MindSift dressed up in surveillance language to justify a premium price.

• The actual product MindSift delivered was email lists purchased from data brokers, companies that compile and sell contact information linked to consumer profiles. These brokers are the invisible upstream tier of the Active Listening supply chain. Their lists were the raw material of a product marketed as real-time AI surveillance.
• MindSift purchased these lists and sold them onward through two channels: directly to small businesses, and through CMG on a white-label basis. Each tier added distance between the data’s actual origin and the customer writing the check.
• The FTC complaint notes that small businesses received lists containing consumers from across the country when they were paying for local targeting. This means the data broker supply did not even match the product specification MindSift was selling, a quality control failure that was buried inside the larger fraud.
• No tier of this supply chain was subject to meaningful disclosure requirements in this context. Small businesses buying “Active Listening” had no visibility into the data broker origin of the lists they received, the lack of geographic precision in those lists, or the fact that voice data played no role in compiling them.

Societal Impact Mapping

Public Health: The Surveillance Anxiety Economy

Active Listening was engineered to be believable precisely because it exploited a real, documented public fear about device surveillance.

• The product name, marketing language, and pitch materials were deliberately designed to confirm the widespread anxiety that smart devices are secretly listening to private conversations. The FTC complaint records MindSift’s own pitch materials stating: “Yes, your devices are listening to you.” This was not an accidental implication; it was a selling point.
• Products like Active Listening deepen public distrust of legitimate digital services. When surveillance-themed fraud becomes a normalized marketing category, it becomes harder for consumers to distinguish real data collection practices from invented ones, and it makes informed consent decisions less possible.

Economic Inequality: Small Businesses Paid for Air

The specific harm here fell on small businesses, entities with no legal departments, no media budget to evaluate vendor claims, and no resources to recover from a bad advertising investment.

• Small businesses are structurally the most vulnerable customers in the advertising technology ecosystem. They lack the internal expertise to audit vendor claims, the bargaining power to demand verification, and the legal resources to pursue fraud when it occurs.
• MindSift targeted this vulnerability directly. The complaint establishes that Active Listening was sold both directly to small businesses and through CMG to CMG’s small business customer base. The product was positioned as democratizing access to surveillance-grade targeting previously available only to large corporations, a pitch calibrated precisely to the aspirations of budget-constrained small business owners.
• Money paid to MindSift for a product that did not function as described was money those businesses could not spend on advertising that might have actually worked. In a zero-sum marketing budget, the cost of fraud is not just the purchase price; it is the opportunity cost of effective alternatives foregone.

Who Pays? Following the Cost

The financial harm from this fraud flowed directly from small business owners outward. The data brokers who supplied the raw lists were paid. MindSift collected its markup. CMG collected its resale margin. The small businesses got lists that did not work.

• Small businesses purchasing Active Listening paid a “significant markup” over the actual cost of the email list data, per the FTC complaint. That markup was the pure profit margin generated by the surveillance fiction. Every dollar of that markup was extracted from businesses that received nothing in return for the premium.
• Consumers whose email addresses were compiled into these lists and sold without their meaningful knowledge received no compensation and no disclosure. They were the product, and they were not in the room when the transaction happened.
• The $25,000 FTC fine goes to the Commission, not to harmed businesses. The Decision and Order notes that funds “may be deposited into a fund administered by the Commission” for consumer redress, and that if direct redress is impractical, the money may be used for other consumer information remedies. Whether small business purchasers receive any refund is subject to a Commission determination of practicability.

The Settlement Is Not Justice

A $25,000 fine for a company that operated a fraudulent service for at least a year and a half, resold across two distribution channels, represents one of the more striking examples of regulatory underreach in the current FTC enforcement record.

• MindSift neither admits nor denies any wrongdoing. The consent order states explicitly: “Respondent neither admits nor denies any of the allegations in the Complaint, except as specifically stated in this Decision and Order.” The FTC built a detailed factual record of deception and received $25,000 and a promise to stop. No individual within MindSift or 1010 Digital faced any personal fine or criminal referral based on documents available.
• The primary behavioral obligation in the order is a prohibition against making misrepresentations about voice data and advertising services in the future. MindSift is required to stop doing what it was already caught doing. This is the floor of accountability, not a ceiling.
• The fine amount, $25,000, provides no meaningful deterrence for any company above subsistence scale. If Active Listening generated even a modest number of small business customers paying standard local advertising rates, the fine could represent less than a single client’s contract value.
• Dmitriy Shteynbuk, named in the complaint as the sole member of 1010 Digital Works LLC, MindSift’s direct collaborator, is not named as a respondent in the consent order. The order binds MindSift LLC, its successors, and assigns. Individual accountability is absent from the final resolution.

The “Cost of a Fine” Metric

The Timeline

The documented chronology of Active Listening: from launch to FTC order.

This Is the System Working as Intended

The outcome of the MindSift case is not a system failure. It is a precise illustration of what the system produces when small businesses are defrauded at scale by a company with no meaningful assets to seize.

• The FTC’s enforcement tools in this case produced a consent order, a behavioral prohibition, and a $25,000 fine. No individual was sanctioned. No criminal referral is documented. The company neither admits nor denies wrongdoing. This is the standard output of administrative enforcement against a small, asset-light LLC, and it is structurally incapable of deterrence at the industry level.
• The white-label distribution structure, where a large credible company (CMG) resells a fraudulent product from a small unknown company (MindSift), is precisely the kind of arrangement that diffuses enforcement risk. CMG is not a respondent in this action. Its name appears in the complaint but not in the order. The ghost-written scripts CMG’s salespeople delivered to small businesses have no ongoing legal consequence for CMG under this settlement.
• Data broker supply chains have no mandatory disclosure requirements that would have surfaced the disconnect between “voice surveillance product” and “purchased email list” at any point in the transaction. The system does not require MindSift or CMG to tell their customers what they are actually buying. The burden of discovery falls on the defrauded party after the fact.
• The FTC complaint was built on the specific fiction that MindSift was collecting voice data. The underlying practice of buying email lists from data brokers, packaging them as sophisticated behavioral targeting, and selling them at a markup to small businesses with no way to verify the claims is a practice that predates MindSift and will outlast this enforcement action.

What a Legitimate Fix Looks Like

The core structural failure this case exposes: advertising technology vendors can sell fabricated product capabilities to small businesses with no verification requirement, no mandatory disclosure of data sourcing, and no individual accountability when the fraud is discovered.

The above represents editorial analysis grounded in the documented failure modes of this specific case. It does not constitute legal advice and does not represent findings of the FTC source document.

What Now?

The entity directly responsible for this fraud is MindSift LLC (142 Main Street, Suite 405, Nashua, NH 03060), operating in concert with 1010 Digital Works LLC. The FTC is the regulatory body that brought this action and retains jurisdiction under the 20-year consent order.

Watchlist: Agencies with Jurisdiction

• Federal Trade Commission (FTC): primary enforcer in this case. File complaints about deceptive advertising and marketing services at ftc.gov/complaint. The FTC’s Bureau of Consumer Protection monitors compliance with this consent order for 20 years.
• State Attorneys General: consumer protection divisions in New Hampshire and in any state where small businesses were defrauded by Active Listening have independent jurisdiction to pursue restitution for affected businesses under state consumer protection statutes.
• Consumer Financial Protection Bureau (CFPB): while not the lead agency here, the CFPB has authority over unfair, deceptive, or abusive practices that intersect with financial harm to small businesses.

What You Can Do

• If your small business purchased Active Listening or a similar “voice targeting” product from CMG or any other vendor, file a complaint with the FTC at ftc.gov/complaint and with your state AG’s consumer protection office. The FTC Decision and Order instructs MindSift to provide customer information to the Commission to facilitate redress. Your complaint creates a documented record in that process.
• Ask every adtech vendor you work with for written technical substantiation of their targeting claims before you sign a contract. “Voice data,” “real-time behavioral signals,” and “AI-powered intent targeting” are phrases that require documentation. If a vendor cannot provide it, treat that as a red flag.
• Small business associations, local chambers of commerce, and community economic development organizations should circulate this enforcement record to their members as a reference case. The FTC complaint is a public document. The deception patterns documented in it are not unique to MindSift.
• Support federal and state legislation requiring adtech vendors to disclose data sourcing to their advertising customers. The absence of this requirement is the structural gap this case exploits.