At least one major U.S. carrier faces the wrath of the FCC for selling customers' location data
It appears that one or more unnamed U.S. wireless carriers have caught the attention of the FCC and its chairman Ajit Pai. The regulatory agency says that it will take action against these companies for selling its customers' real-time location data without permission. With this information, third party firms could track smartphone users. Pai and the FCC were referring specifically to a report last May about a flaw in the website belonging to a company called LocationSmart. The latter collects real-time data from smartphones and the website glitch allowed location data to be obtained from any phone running on Verizon, T-Mobile, AT&T, and Sprint.
Writing a letter to the House Committee on Energy and Commerce, Pai wrote, "I am writing to follow up on my letter of December 3, 2019 regarding the status of the FCC’s investigation into the disclosure of consumers' real-time location data. Fulfilling the commitment I made in that letter, I wish to inform you that the FCC’s Enforcement Bureau has completed its extensive investigation and that it has concluded that one or more wireless carriers apparently violated federal law." Pai added, "I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC's rules, including those that protect consumers' sensitive information, such as real-time location data. Accordingly, in the coming days, I intend to circulate to my fellow Commissioners for their 'consideration one or more Notice(s) of Apparent Liability for Forfeiture in connection with the apparent violation(s). Please let me know if I can be of any further assistance."
So now the big question is which carriers were involved, and just exactly what the FCC punishment will be. In June 2018, Verizon and AT&T said that they would stop selling customer location data to third party firms. And last May, four nearly identical class-action suits were filed against each of the major U.S. wireless carriers. The plaintiffs, customers of the major wireless providers, claim that their location data was sold to data aggregators who turned around and sold it to others including bounty hunters seeking bail jumpers.
FCC Commissioner Jessica Rosenworcel said yesterday that it was a "shame" that the FCC took so long to act on reports that "shady middlemen could sell your location within a few hundred meters based on your wireless phone data." She stated that "It’s chilling to consider what a black market could do with this data." A trade group that represents the carriers said that access to their customers' data was suspended and the programs terminated once it became clear that access to this location data was being abused.
U.S. Senator Ron Wyden (D-Ore.), who got involved by writing letters to the carriers in 2018 seeking more information on how the firms handled their customers' location data, made an interesting comment yesterday. He said that he was "eager to see whether the FCC will truly hold wireless companies accountable, or let them off with a slap on the wrist."
Things that are NOT allowed: