Senate
Democrat Ron Wyden (Oregon) is slamming the wireless carriers for their “atrocious track record” on privacy.
“By now, we have established that there is a clear, ongoing
pattern of misuse and abuse of consumer data by wireless carriers,” Wyden said Wednesday on Twitter. “Now it’s
time to talk about what Congress is going to do about it.”
The lawmaker, who recently floated a federal privacy bill, also blasted the carriers' CEOs.
“It is now
abundantly clear that you have failed to be good stewards of your customers' private location information,” Wyden wrote Wednesday in a letter sent to top executives at AT&T, Sprint, Verizon
and T-Mobile, and obtained by the publication Motherboard.
Wyden's new criticism
comes after T-Mobile informed him about a previously undisclosed privacy breach. Last month, T-Mobile said in a letter to Wyden that the company had experienced at least five incidents involving
alleged misuse of data that the company had shared with aggregators. Four of those incidents had already been publicized, but one -- which occurred in 2014 -- hadn't been disclosed before, according
to Motherboard.
On Wednesday, Wyden told the carriers they're legally required to protect their subscribers' private information -- including location data -- and to inform federal law
enforcement officials of breaches.
“Given your companies' atrocious track record protecting location data, Americans have good reason to doubt your compliance with your legal obligation
to report such breaches,” Wyden wrote to the companies.
He is now asking the carriers to provide detailed information about any instances after 2009 in which the company shared location
data with third parties who fraudulently obtained the information.
Earlier this year, Motherboard reported that the country's largest carriers were selling
customers' location data to third parties. Motherboard's article detailed how a reporter paid a “bounty hunter” $300 to track a phone's location to a neighborhood in Queens, New York.
The carrier for that phone was T-Mobile, which reportedly shared the location data with the aggregator Zumigo, which in turn shared the data with Microbilt. Microbilt then shared the information
with a bounty hunter, who shared it with a bail industry source.
After the report was published, the carriers promised to stop selling location data to third parties.