FCC Fines Wireless Carriers For Illegally Sharing Customer Location Data

The Federal Communications Commission has fined AT&T, Sprint, T-Mobile, and Verizon for illegally sharing access to customer location data....
FCC Fines Wireless Carriers For Illegally Sharing Customer Location Data
Written by Matt Milano
  • The Federal Communications Commission has fined AT&T, Sprint, T-Mobile, and Verizon for illegally sharing access to customer location data.

    According to the FCC, the four carriers illegally shared access to customer location data and failed to put proper protection in place to safeguard such data. The FCC has fined Sprint $12 million, T-Mobile $80 million, AT&T more than $57 million, and Verizon nearly $47 million, for just under $200 million total.

    The FCC Enforcement Bureau investigations of the four carriers found that each carrier sold access to its customers’ location information to “aggregators,” who then resold access to such information to third-party location-based service providers. In doing so, each carrier attempted to offload its obligations to obtain customer consent onto downstream recipients of location information, which in many instances meant that no valid customer consent was obtained. This initial failure was compounded when, after becoming aware that their safeguards were ineffective, the carriers continued to sell access to location information without taking reasonable measures to protect it from unauthorized access.

    “Our communications providers have access to some of the most sensitive information about us. These carriers failed to protect the information entrusted to them. Here, we are talking about some of the most sensitive data in their possession: customers’ real-time location information, revealing where they go and who they are,” said FCC Chairwoman Jessica Rosenworcel. “As we resolve these cases – which were first proposed by the last Administration – the Commission remains committed to holding all carriers accountable and making sure they fulfill their obligations to their customers as stewards of this most private data.”

    As the FCC points out, section 222 of the Communication Act requires that carriers “take reasonable measures to protect certain customer information, including location information.” The law also requires carriers to protect customer confidentiality and get customers’ consent before sharing their data.

    “The protection and use of sensitive personal data such as location information is sacrosanct,” said Loyaan A. Egal, Chief of the FCC Enforcement Bureau and Chair of its Privacy and Data Protection Task Force. “When placed in the wrong hands or used for nefarious purposes, it puts all of us at risk. Foreign adversaries and cybercriminals have prioritized getting their hands on this information, and that is why ensuring service providers have reasonable protections in place to safeguard customer location data and valid consent for its use is of the highest priority for the Enforcement Bureau.”

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit