T-Mobile Cares So Much About Consumer Privacy, It's Fighting The FCC's Flimsy Fine For Location Data Sharing

from the light-wrist-slaps dept

T-Mobile, like many mobile carriers, insists in highly values consumer privacy. But that hasn't really been reflected in the company's response to ongoing SIM hijacking scandals. Nor was that dedication particularly apparent when T-Mobile (along with AT&T, Verizon, and Sprint) were all caught selling access to user location and 911 data to pretty much any nitwith with a nickel.

Last week, after a year of stonewalling, the Trump FCC announced it would be doling out some light wrist slaps to companies that were caught selling access to this data. For most of the companies, the fines they received were a tiny, tiny fraction of not only their annual revenues, but the billions made over the last decade selling access to this data to law enforcement, people pretending to be law enforcement, and even stalkers. All four of the companies also just received tens of billions on dollars from the Trump tax cuts in exchange for promises they completely flaked out on.

It would be a pittance to pay off the fine and move on, especially given this particular FCC is unlikely to engage in much follow up to either confirm data collection has actually stopped, or police access to the mountains of data already collected. But T-Mobile says it's intending to fight the fine anyway, because, you know, it cares just that much about consumer privacy and accountability:

"While we strongly support the FCC’s commitment to consumer protection, we fully intend to dispute the conclusions of this NAL and the associated fine," the company said."

So yeah, T-Mobile will "support" the FCC's "commitment to consumer protection" (which barely exists in the first place) by...(checks notes)...fighting the already feeble end result. This is, again, apparently a reflection of T-Mobile taking "consumer privacy seriously":

"We take the privacy and security of our customers’ data very seriously," said T-Mobile. "When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action. We were the first wireless provider to commit to ending the program and terminated it in February 2019 after first ensuring that valid and important services were not adversely impacted."

Again, there's little chance these companies will actually leave billions in location data revenues on the table. While all four major carriers say they've stopped the practice, it's far more likely they've simply tweaked their privacy policies, renamed the collection systems, and buried them deep in some subsidiary somewhere. After all, who is going to do the legwork required to audit the entire industry's privacy and data collection practices, Ajit Pai?

Filed Under: competition, consumers, fcc, fines, privacy
Companies: t-mobile


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 4 Mar 2020 @ 10:47am

    no surprise here, then. and i'll bet the wankers on the take in Congress will be all over this, making sure it never happens again!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 Mar 2020 @ 11:45am

    "While we strongly support the FCC’s commitment to consumer protection, we fully intend to dispute the conclusions of this NAL and the associated fine," the company said."

    There is one way to reconcile this logic: T-Mobile asks the court to throw out this laughably small fine and replace it with some real punishment and a harsher report.

    reply to this | link to this | view in chronology ]

  • identicon
    1998 OR2, 4 Mar 2020 @ 1:26pm

    just out of curiosity in legal due process:

    exactly what law/reg is T-Mobile being fined for violating ?

    ... or did FCC just create some new rule or novel interpretation of some longstanding rule ?

    reply to this | link to this | view in chronology ]

    • icon
      Toom1275 (profile), 4 Mar 2020 @ 8:30pm

      Re:

      From another article:

      The Communications Act requires carriers "to protect the confidentiality of certain customer data related to the provision of telecommunications service, including location information," and "take reasonable measures to discover and protect against attempts to gain unauthorized access to this data," the FCC said.

      "The rules also require that carriers or those acting on their behalf generally must obtain affirmative, express consent from a customer before using, disclosing, or allowing access to this data," the FCC continued. "And carriers are liable for the actions of those acting on their behalf."

      T-Mobile, AT&T, Verizon, and Sprint all "sold access to their customers' location information to 'aggregators,' who then resold access to such information to third-party location-based service providers (like Securus)," the FCC said. "Although their exact practices varied, each carrier relied heavily on contract-based assurances that the location-based services providers (acting on the carriers' behalf) would obtain consent from the wireless carrier's customer before accessing that customer's location information."

      Hutcheson's access to customer-location information makes it clear that the carriers did not make adequate efforts to safeguard the data, the FCC said. "Yet all four carriers apparently continued to sell access to their customers' location information without putting in place reasonable safeguards to ensure that the dozens of location-based services providers acting on their behalf were actually obtaining consumer consent," the FCC said.

      reply to this | link to this | view in chronology ]

  • icon
    Nathan F (profile), 4 Mar 2020 @ 1:27pm

    As happy as I am to see this happen, I have to wonder if the fine is even going to be a fraction of the amount they earned selling the information. It is all well and good to censor and punish them for the violation of the law, but when the payoff is many times the value of the fine it doesn't act as any kind of real deterrent.

    This was my comment from one month ago when the article saying the FCC was going to fine them was published. I am relieved that my expectations were not set that high so as to be disappointed by the amount of this fine. The fact that someone is actually contesting this amount vs the amount they likely made off the practice is ludicrous.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Mar 2020 @ 4:54am

      Re:

      The fact that someone is actually contesting this amount vs the amount they likely made off the practice is ludicrous.

      Not if it legalizes the practice of selling user data to anyone who ticks all the correct boxes in contract.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.