All Four Major Wireless Carriers Hit With Lawsuits Over Sharing, Selling Location Data

from the somebody's-watching-you dept

We've noted repeatedly that if you're upset about Facebook's privacy scandals, you should be equally concerned about the wireless industry's ongoing location data scandals. Not only were the major carriers caught selling your location data to any nitwit with a checkbook, they were even found to be selling your E-911 location data, which provides even more granular detail about your data than GPS provides. This data was then found to have been widely abused from everybody from law enforcement to randos pretending to be law enforcement.

Throughout all this, the Ajit Pai FCC has done absolutely nothing to seriously police the problem. Meaning that while carriers have promised to stop collecting and selling this data, nobody has bothered to force carriers to actually confirm this. Given telecom's history when it comes to consumer privacy, somebody might just want to double check their math (and ask what happened to all that data already collected and sold over the last decade).

Compounding carrier problems, all four major wireless carriers last week were hit with a class action lawsuit (correctly) noting the carriers had violated Section 222 of the Federal Communications Act by selling consumer proprietary network information (CPNI) data:

"Through its negligent and deliberate acts, including inexplicable failures to follow its own Privacy Policy, T-Mobile permitted access to Plaintiffs and Class Members’ CPI and CPNI,” the complaint against T-Mobile reads, referring to “confidential proprietary information” and “customer proprietary network information,” the latter of which includes location data."

It's likely that the sale of 911 data is where carriers are in the most hot water, since that's their most obvious infraction of the law. It's of course worth pointing out that wireless carriers (and fixed-line ISPs, frankly) have been hoovering up and selling location, clickstream, and a vast ocean of other user data for decades with very few (any?) Congressional lawmakers much caring about it. It's another example of how Facebook's cavalier treatment of user data (and government apathy toward meaningful solutions) isn't just some errant exception -- it's the norm.

Back in 2016, the previous FCC uncharacteristically tried to impose some pretty basic rules that would have gone a long way in preventing these location data scandals by requiring that carriers be more transparent about what data is collected and who it's sold to. It also required consumers opt in to more sensitive (read: financial, location) data. But telecom lobbyists quickly convinced Congress to obliterate those rules in 2017 using the Congressional Review Act before they could even take effect.

Two years later finds the sector swimming in scandal, and everybody has a dumb look on their faces utterly perplexed as to how we got to this point.

Filed Under: class action, fcc, lawsuit, privacy, section 222, telcos
Companies: at&t, sprint, t-mobile, verizon


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 13 May 2019 @ 6:33am

    surprisedpikachu.jpg

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, 13 May 2019 @ 6:41am

    Privacy is deader than copyright protection.

    Brave new world we live in.

    reply to this | link to this | view in thread ]

  3. icon
    Bamboo Harvester (profile), 13 May 2019 @ 7:24am

    Pointless...

    ...carriers sold data over the years for say two billion.

    Class action suit finds them guilty, fines them ten million.

    Lawyers for the suit take just under seven million for themselves.

    The remaining three million is distributed to the hundred and fifty million people who were customers when the events occurred.

    Had one like this with a bank. Got a check for something like sixty-five cents with an eight page cover letter explaining that it was a settlement from a class action against the bank and was "my share" of a multi-million dollar settlement.

    reply to this | link to this | view in thread ]

  4. identicon
    Annonymouse, 13 May 2019 @ 7:38am

    Re: Pointless...

    Until such time as those at the helm physically pay through extended loss of freedom and expropriation of all assets it is just a small line cost on the balance sheet for the corporation.

    reply to this | link to this | view in thread ]

  5. icon
    Bamboo Harvester (profile), 13 May 2019 @ 7:45am

    Re: Re: Pointless...

    Not going to happen.

    Now, if actual Awards were the actual damages, then, say... doubled for punitive reasons, they'd stop pulling these stunts.

    Seriously, if you collect a million dollars "illegally" and the punishment is a $100,000 fine, it's not a fine, it's a cost of doing an incredibly profitable business.

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, 13 May 2019 @ 7:56am

    Re: Pointless...

    The primary purpose of class-action lawsuits is deterrent.

    reply to this | link to this | view in thread ]

  7. icon
    Lord Lidl of Cheem (profile), 13 May 2019 @ 7:57am

    How's about we get Mr Pai's location data and share it in real time on the web - bet it'll become an issue quickly then!

    reply to this | link to this | view in thread ]

  8. identicon
    Anonymous Coward, 13 May 2019 @ 9:04am

    Re: Re: Pointless...

    "The primary purpose of class-action lawsuits is LAWYER PROFIT."

    There fixed it for you.

    reply to this | link to this | view in thread ]

  9. identicon
    Anonmylous, 13 May 2019 @ 9:52am

    Re: Re: Re: Pointless...

    "The primary purpose of class-action lawsuits is CORPORATE PROFIT."
    There, I fixed that for you, bro.

    As pointed out by others, corporations weigh the risk of penalty and lawsuit against the potential profit. Basic math, basic greed. If A is larger than B or C, you do it and let the lawyers deal with the fallout.

    A lot of tort law is "loser pays" as well. Corporations love class-actions because of this. paying 4 lawyers out of the settlement pool is far cheaper than paying dozens or hundreds of lawyers PLUS settlement awards on top of it.

    Corporate. Profit. Never believe for a second it is anything else.

    reply to this | link to this | view in thread ]

  10. icon
    ECA (profile), 13 May 2019 @ 9:55am

    So, lets see.....

    All our data is sold or stolen..
    Corps dont care( I know one that does).
    Our location data is being monitored, and collected WITH SMART PHONES.

    credit bureau hacked, medical records hacked(gov site for medial sign up), banks giving the info away, cell phone carriers selling our data, many game sites have been hacked, the Gov. wants to monitor ALL of us, as well as the whole internet....

    I love it..I really do..
    Go burn a few Credit cards and deny payments.. UUntil they can track THAT, you have free will(just leave the phone at home). They cant prove much unless they get pictures. It would only take a few friends.. The automated credit card machines dont care WHO signs the thing.

    AND you wondered why they were pushing Facial scanning?/ better do it quick, before they get it working..

    reply to this | link to this | view in thread ]

  11. identicon
    Anonymous Coward, 13 May 2019 @ 10:33am

    Re: Re: Re: Re: Pointless...

    A lot of tort law is "loser pays" as well. Corporations love class-actions because of this.

    "Loser pays" isn't the important part for them. The main benefit is that the settlement is binding on parties who don't know about it. They'll give a law firm some tens of millions of dollars, then offer a tiny payout to any customer who was affected and feels like giving all their personal data to some shady settlement website.

    So, the bulk of the money goes to lawyers, and then the only people who can still sue are those who sent formal notice to opt out of the action.

    reply to this | link to this | view in thread ]

  12. identicon
    MethinkestTheysFucked, 13 May 2019 @ 7:18pm

    How much of that location data is related to minors???

    Seems to me that the Big 4 just became criminally accountable for human trafficking of Minors across the US by compiling and selling that location data.

    The only way they can prevent being held accountable is to wipe said data, and never, ever, ever, ever (to infinity and beyond) collect it again.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.