Regulators Move To Fine Telecoms For Selling Location Data

US regulators moved to impose fines Friday against the nation’s four major wireless carriers for selling location data of customers without their consent.

The Federal Communications Commission proposed fining T-Mobile more than $91 million; AT&T some $57 million; Verizon $48 million, and Sprint $12 million.

The wireless firms were accused of having disclosed mobile network user location data to a third party without authorization from customers, the FCC said.

The FCC began an investigation after a report that a sheriff in Missouri used a “location-finding service” operated by a prison communications services company called Securus to track whereabouts of people including a judge and law enforcement officers.

The carriers provided access to customer location data to “aggregators” who then resold information to services such as Securus, according to the regulator.

“American consumers take their wireless phones with them wherever they go,” FCC chairman Ajit Pai said in a release.

“And information about a wireless customer’s location is highly personal and sensitive.”

US telecom firms have been on notice for more than a decade that they are required to safeguard location data gathered about users, Pai added.

Sizes of the fines were based on how long carriers continued to sell customer location information without proper safeguards and how many parties had access, the FCC said.

The telecom companies will get to provide evidence and arguments to the commission before the fines are finalized.

Some privacy activists said the penalties failed to go far enough.

Lisa Hayes of the Center for Democracy & Technology, a digital rights organization, called the fines too little and too late.

“This kind of egregious privacy violation and the weak enforcement response by the FCC further demonstrate why the US needs a strong, comprehensive, national privacy law,” said Hayes.

“The current lack of a law means that anyone willing to spend a few hundred dollars can buy the location data of another person at any moment in time.”

Gaurav Laroia of the consumer group Free Press said the FCC action comes more than a year after activists filed complaints on these practices.

“Press reports surfaced over a year ago that AT&T, Sprint, T-Mobile and Verizon were selling their customers’ real-time location information to data brokers,” Laroia said. “That information was then available on the open market, putting people in real physical danger.”

Sprint told AFP that it is reviewing the FCC’s notice regarding the proposed fine and had no comment other than to say it takes customer privacy seriously.

“When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action,” T-Mobile said in response to an AFP inquiry.

T-Mobile added that it will dispute the FCC’s conclusions and the fine.

Verizon and AT&T did not immediately respond to requests for comment.

US regulators moved to impose fines Friday against the nation’s four major wireless carriers for selling location data of customers without their consent.

The Federal Communications Commission proposed fining T-Mobile more than $91 million; AT&T some $57 million; Verizon $48 million, and Sprint $12 million.

The wireless firms were accused of having disclosed mobile network user location data to a third party without authorization from customers, the FCC said.

The FCC began an investigation after a report that a sheriff in Missouri used a “location-finding service” operated by a prison communications services company called Securus to track whereabouts of people including a judge and law enforcement officers.

The carriers provided access to customer location data to “aggregators” who then resold information to services such as Securus, according to the regulator.

“American consumers take their wireless phones with them wherever they go,” FCC chairman Ajit Pai said in a release.

“And information about a wireless customer’s location is highly personal and sensitive.”

US telecom firms have been on notice for more than a decade that they are required to safeguard location data gathered about users, Pai added.

Sizes of the fines were based on how long carriers continued to sell customer location information without proper safeguards and how many parties had access, the FCC said.

The telecom companies will get to provide evidence and arguments to the commission before the fines are finalized.

Some privacy activists said the penalties failed to go far enough.

Lisa Hayes of the Center for Democracy & Technology, a digital rights organization, called the fines too little and too late.

“This kind of egregious privacy violation and the weak enforcement response by the FCC further demonstrate why the US needs a strong, comprehensive, national privacy law,” said Hayes.

“The current lack of a law means that anyone willing to spend a few hundred dollars can buy the location data of another person at any moment in time.”

Gaurav Laroia of the consumer group Free Press said the FCC action comes more than a year after activists filed complaints on these practices.

“Press reports surfaced over a year ago that AT&T, Sprint, T-Mobile and Verizon were selling their customers’ real-time location information to data brokers,” Laroia said. “That information was then available on the open market, putting people in real physical danger.”

Sprint told AFP that it is reviewing the FCC’s notice regarding the proposed fine and had no comment other than to say it takes customer privacy seriously.

“When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action,” T-Mobile said in response to an AFP inquiry.

T-Mobile added that it will dispute the FCC’s conclusions and the fine.

Verizon and AT&T did not immediately respond to requests for comment.

―Bangkok Post