The FCC is demanding answers from several carriers over a bombshell Motherboard report from earlier this year that revealed how the carriers made a habit of selling location data about their subscribers to third-parties. That revelation about the practice wasn’t new, but the eye-opening part was how those third parties can then make the subscriber data available to anyone from bounty hunters to private investigators, credit companies and more. This sketchy practice meant that when a data aggregator company like Zumigo obtained location information about a carrier’s customer, they often passed that data on to other sources — meaning, the data frequently got into the hands of people and companies that shouldn’t have it.
The four big carriers quickly promised to give up the practice once this came to light. But the FCC doesn’t want to take them at their word, as the commission’s letters it sent in recent days to AT&T, Sprint, Verizon and T-Mobile make clear. The letters ask, among other things, for clarification around when this practice was actually abandoned while acknowledging that the carriers have already publicly promised that it would be.
“Real-time location information is sensitive data deserving the highest level of privacy protection,” FCC commissioner Jessica Rosenworcel writes in one of the letters, to AT&T CEO John Donovan. “But it is evident from press reports that this data may have been sold without the explicit consent of consumers and without appropriate safeguards in place.”
With that in mind, she goes on to thank AT&T’s top executive for the company’s promise to end this practice by March. But she asks for an update, regardless, as well as a specific date for when this was ended. Among other things, she also asks to be informed whether AT&T’s agreements allowed aggregators “or others” to save and store location data received from the carrier.
The other big carriers got basically the same letter, which asks that all of the requested answers be submitted by May 15. It’s certainly good to see the commission bring this level of scrutiny to a practice that was pretty shocking to read about, especially with the Motherboard piece noting that the practice flew in the face of things like T-Mobile CEO John Legere promising last year that his company “will not sell customer location data to shady middlemen.” No wonder the commission is dubious.