House Republicans are questioning wireless carriers and other companies over their sale of customers' location data.
“This practice of selling and sharing of location information ... potentially impacts hundreds of millions of American customers,” Republicans on the House Energy and Commerce committee wrote in letters sent Wednesday to the CEOs of AT&T, Verizon, Sprint and T-Mobile. “We are deeply troubled because it is not the first time we have received reports and information about the sharing of mobile users' location information involving a number of parties who may have misused personally identifiable information.”
The letters came several days after Rep. Frank Pallone (D-New Jersey), chairman of the Energy and Commerce committee, asked Federal Communications Commission Chairman Ajit Pai to provide an emergency briefing to Congress about carriers' practices. Pai declined to do so.
The moves by Congress were prompted by an article in Motherboard, which reported last week that some of the largest carriers are selling customers' location data to third parties. Motherboard's article detailed how a reporter paid a “bounty hunter” $300 to track a phone's location to a neighborhood in Queens, New York.
The carrier for that phone was T-Mobile, which shared the location data with the aggregator Zumigo, which in turn shared the data with Microbilt. Microbilt then shared the information with a bounty hunter, who shared it with a bail industry source, according to Motherboard.
Soon after the article appeared, AT&T, T-Mobile and Verizon promised to stop selling location data by March. This week, Sprint also said it would stop selling the data to aggregators, according to Motherboard.
Last May, it emerged that an aggregator was selling location data to law enforcement authorities who lacked warrants. At the time, carriers also promised to stop selling location information to outside aggregators.
House Republicans are now requesting a host of information from AT&T, T-Mobile, Verizon and Sprint, including the names of all outside companies that received data about customers' locations since 2007. Other questions center on the contracts between the carriers and the outside companies, and how the carriers ensure that third parties are only selling approved services.
The lawmakers also are questioning the CEOs of Zumigo and Microbilt about how they handle customers' location data. Among other questions, the officials want to know how the companies obtain consumers' consent before disclosing location data.
Congress is requesting answers by January 30.