Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Regulators Move to Fine Telecoms for Selling Location Data

US regulators moved to impose fines Friday against the nation’s four major wireless carriers for selling location data of customers without their consent.

The Federal Communications Commission proposed fining T-Mobile more than $91 million; AT&T some $57 million; Verizon $48 million, and Sprint $12 million.

US regulators moved to impose fines Friday against the nation’s four major wireless carriers for selling location data of customers without their consent.

The Federal Communications Commission proposed fining T-Mobile more than $91 million; AT&T some $57 million; Verizon $48 million, and Sprint $12 million.

The wireless firms were accused of having disclosed mobile network user location data to a third party without authorization from customers, the FCC said.

The FCC began an investigation after a report that a sheriff in Missouri used a “location-finding service” operated by a prison communications services company called Securus to track whereabouts of people including a judge and law enforcement officers.

The carriers provided access to customer location data to “aggregators” who then resold information to services such as Securus, according to the regulator.

“American consumers take their wireless phones with them wherever they go,” FCC chairman Ajit Pai said in a release.

“And information about a wireless customer’s location is highly personal and sensitive.”

US telecom firms have been on notice for more than a decade that they are required to safeguard location data gathered about users, Pai added.

Advertisement. Scroll to continue reading.

Sizes of the fines were based on how long carriers continued to sell customer location information without proper safeguards and how many parties had access, the FCC said.

The telecom companies will get to provide evidence and arguments to the commission before the fines are finalized.

Some privacy activists said the penalties failed to go far enough.

Lisa Hayes of the Center for Democracy & Technology, a digital rights organization, called the fines too little and too late.

“This kind of egregious privacy violation and the weak enforcement response by the FCC further demonstrate why the US needs a strong, comprehensive, national privacy law,” said Hayes.

“The current lack of a law means that anyone willing to spend a few hundred dollars can buy the location data of another person at any moment in time.”

Gaurav Laroia of the consumer group Free Press said the FCC action comes more than a year after activists filed complaints on these practices.

“Press reports surfaced over a year ago that AT&T, Sprint, T-Mobile and Verizon were selling their customers’ real-time location information to data brokers,” Laroia said. “That information was then available on the open market, putting people in real physical danger.”

Sprint told AFP that it is reviewing the FCC’s notice regarding the proposed fine and had no comment other than to say it takes customer privacy seriously.

“When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action,” T-Mobile said in response to an AFP inquiry.

T-Mobile added that it will dispute the FCC’s conclusions and the fine.

Verizon and AT&T did not immediately respond to requests for comment.

Related: Aussie Consumer Watchdog Sues Google Over Location Data Use

Related: Irish Regulator Probes Google, Tinder Over Data Processing

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem