AccuWeather responds to accusations they shared geolocation data without permission

Yesterday, from a post called Screw you, AccuWeather:

Popular weather app AccuWeather has been caught sending geolocation data to a third-party data monetization firm, even when the user has switched off location sharing.

And Jim’s followup:

How can you ever trust them again? You can’t.

Last night, AccuWeather released this statement:

Despite stories to the contrary from sources not connected to the actual information, if a user opts out of location tracking on AccuWeather, no GPS coordinates are collected or passed without further opt-in permission from the user.

Other data, such as Wi-Fi network information that is not user information, was for a short period available on the Reveal SDK, but was unused by AccuWeather. In fact, AccuWeather was unaware the data was available to it. Accordingly, at no point was the data used by AccuWeather for any purpose.

And

To avoid any further misinterpretation, while Reveal is updating its SDK, AccuWeather will be removing the Reveal SDK from its iOS app until it is fully compliant with appropriate requirements. Once reinstated, the end result should be that zero data is transmitted back to Reveal Mobile when someone opts out of location sharing. In the meanwhile, AccuWeather had already disabled the SDK, pending removal of the SDK and then later reinstatement.

Read the rest of the statement here.

My gut says AccuWeather was caught by surprise here, rather than caught with their hand in the cookie jar. The way I read this, this is an issue with the Reveal SDK, not an intentional act of deception on the part of the AccuWeather app. Disagree?