On Monday, the Federal Communications Commission (FCC) fined the most prominent US wireless companies about two hundred million dollars for unlawfully sharing access to customers' location data.
The FCC's Sanction to US Wireless Companies
The FCC is wrapping up fines amounting to eighty million dollars for T-Mobile, twelve million dollars for Sprint (now owned by T-Mobile), fifty-seven million dollars for AT&T, and almost forty-seven million dollars for Verizon Communications, which it initially proposed in 2020.
According to FCC Chairwoman Jessica Rosenworcel, the carriers had failed to safeguard the most sensitive information entrusted to them, such as customers' real-time location information that discloses their whereabouts and identities. Under Rosenworcel's leadership, the FCC, led by a Democrat, has prioritized data privacy and protection, focusing on critical areas, including addressing data breaches and vulnerabilities associated with third-party vendors.
Wireless Carriers' Alleged Real-Time Location Selling
The carriers sold real-time location information to data aggregators, leading to this sensitive data reaching bail-bond companies, bounty hunters, and other questionable actors, according to Rosenworcel.
Carriers have permitted location data for various purposes, such as roadside assistance, logistics, medical emergency alerts, human trafficking alerts, and fraud prevention programs.
READ ALSO: AT&T Finds 73M Customers' Information Leak on "Dark Web," Rushes to Reset Account Passcodes
Smartphones are constantly with individuals, allowing device tracking at all times. Rosenworcel emphasized the sensitivity of geolocation data and that it could be misused, giving malicious individuals the ability to pinpoint one's location accurately.
Wireless Companies Challenging The Excessive and Incorrect Fines
The top three US wireless providers have pledged to challenge the two hundred million dollars fines imposed by regulators who accused them of illegally sharing customers' location information.
T-Mobile stated that the FCC's decision is incorrect and the fine is excessive, so they plan to challenge it. T-Mobile also mentioned that the industry-wide third-party aggregator location-based services program ended five years ago after they took measures to ensure that essential services like roadside assistance, fraud protection, and emergency response were not affected.
Verizon stated that it has taken steps to safeguard its customers. When a single unauthorized individual accesses information about a small group of customers, the company promptly intervenes, terminates the program, and implements measures to prevent such incidents from occurring again.
AT&T criticized the order, stating it lacks both legal and factual merit. It unfairly places responsibility on them for another company's failure to obtain consent as per contractual requirements. AT&T also noted that the order overlooked their immediate actions to address the other company's shortcomings and unfairly penalized them for supporting life-saving location services.
The FCC stated that carriers relied on contractual assurances from service providers, ensuring they would obtain consent from the carriers' customers before accessing location information.
In 2019, lawmakers expressed outrage over aggregators purchasing user data from wireless carriers and selling location-based services to various companies and individuals, including bounty hunters.