The four major U.S. wireless carriers confirmed to Federal Communications Commissioner Jessica Rosenworcel that they recently stopped, or will soon stop, providing outside aggregators with information about customers' locations.
The carriers' statements come in response to Rosenworcel's demand for information about how they treat data that could reveal customers' whereabouts. On May 1, she sent letters to AT&T, T-Mobile, Sprint and Verizon, asking them exactly when they ceased selling location data, and whether they required recipients of the information to destroy it.
On Thursday, Rosenworcel published their answers, stating: “I do not believe consumers should be kept in the dark.”
AT&T, T-Mobile and Verizon told Rosenworcel they stopped selling data to aggregators in March. Sprint said it will do so by the end of this month.
The carriers' responses about whether data deletion appeared more ambiguous.
For example, Sprint said it allowed aggregators “to store location data for time periods, which allows for adequate response to any claims that may subsequently arise.”
And AT&T said it required recipients of location data “to delete that information ... subject to any of their preservation obligations.”
Rosenworcel's letters to the companies came four months after publication Motherboard reported that a journalist paid a “bounty hunter” $300 to track a phone's location to a neighborhood in Queens, New York. The carrier for that phone was T-Mobile, which shared the location data with the aggregator Zumigo, which in turn shared the data with the company Microbilt. Microbilt then shared the information with a bounty hunter, who shared it with a bail industry source, according to Motherboard.
The report of that incident prompted lawmakers to question the FCC, and the carriers themselves. But the bounty-hunter incident wasn't the first time that carriers came under scrutiny over location data. In May of 2018, it emerged that an aggregator was selling location data to law enforcement authorities who lacked warrants. The telephone companies said last May, then again earlier this year, that they would stop selling customers' location data.
Rosenworcel, a Democrat, criticized the Republican-led agency for failing to publicly respond to news of the data sales.
“The FCC has been totally silent about press reports that for a few hundred dollars shady middlemen can sell your location within a few hundred meters based on your wireless phone data. That's unacceptable,” she stated Thursday. “This is an issue that affects the privacy and security of every American with a wireless phone.”
FCC Commissioner Geoffrey Starks, a Democrat, has also criticized the agency over how it's handling the privacy breach.
“Nearly a year after the news first broke, the commission has yet to issue an enforcement action or fine those responsible,” he wrote last month in The New York Times. “This passage of time is significant, as the agency usually has only one year to bring action to hold any wrongdoers accountable before the statute of limitations runs out.”