T-Mobile Cares So Much About Consumer Privacy, It's Fighting The FCC's Flimsy Fine For Location Data Sharing

from the light-wrist-slaps dept

T-Mobile, like many mobile carriers, insists in highly values consumer privacy. But that hasn't really been reflected in the company's response to ongoing SIM hijacking scandals. Nor was that dedication particularly apparent when T-Mobile (along with AT&T, Verizon, and Sprint) were all caught selling access to user location and 911 data to pretty much any nitwith with a nickel.

Last week, after a year of stonewalling, the Trump FCC announced it would be doling out some light wrist slaps to companies that were caught selling access to this data. For most of the companies, the fines they received were a tiny, tiny fraction of not only their annual revenues, but the billions made over the last decade selling access to this data to law enforcement, people pretending to be law enforcement, and even stalkers. All four of the companies also just received tens of billions on dollars from the Trump tax cuts in exchange for promises they completely flaked out on.

It would be a pittance to pay off the fine and move on, especially given this particular FCC is unlikely to engage in much follow up to either confirm data collection has actually stopped, or police access to the mountains of data already collected. But T-Mobile says it's intending to fight the fine anyway, because, you know, it cares just that much about consumer privacy and accountability:

"While we strongly support the FCC’s commitment to consumer protection, we fully intend to dispute the conclusions of this NAL and the associated fine," the company said."

So yeah, T-Mobile will "support" the FCC's "commitment to consumer protection" (which barely exists in the first place) by...(checks notes)...fighting the already feeble end result. This is, again, apparently a reflection of T-Mobile taking "consumer privacy seriously":

"We take the privacy and security of our customers’ data very seriously," said T-Mobile. "When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action. We were the first wireless provider to commit to ending the program and terminated it in February 2019 after first ensuring that valid and important services were not adversely impacted."

Again, there's little chance these companies will actually leave billions in location data revenues on the table. While all four major carriers say they've stopped the practice, it's far more likely they've simply tweaked their privacy policies, renamed the collection systems, and buried them deep in some subsidiary somewhere. After all, who is going to do the legwork required to audit the entire industry's privacy and data collection practices, Ajit Pai?

Filed Under: competition, consumers, fcc, fines, privacy
Companies: t-mobile


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Toom1275 (profile), 4 Mar 2020 @ 8:30pm

    Re:

    From another article:

    The Communications Act requires carriers "to protect the confidentiality of certain customer data related to the provision of telecommunications service, including location information," and "take reasonable measures to discover and protect against attempts to gain unauthorized access to this data," the FCC said.

    "The rules also require that carriers or those acting on their behalf generally must obtain affirmative, express consent from a customer before using, disclosing, or allowing access to this data," the FCC continued. "And carriers are liable for the actions of those acting on their behalf."

    T-Mobile, AT&T, Verizon, and Sprint all "sold access to their customers' location information to 'aggregators,' who then resold access to such information to third-party location-based service providers (like Securus)," the FCC said. "Although their exact practices varied, each carrier relied heavily on contract-based assurances that the location-based services providers (acting on the carriers' behalf) would obtain consent from the wireless carrier's customer before accessing that customer's location information."

    Hutcheson's access to customer-location information makes it clear that the carriers did not make adequate efforts to safeguard the data, the FCC said. "Yet all four carriers apparently continued to sell access to their customers' location information without putting in place reasonable safeguards to ensure that the dozens of location-based services providers acting on their behalf were actually obtaining consumer consent," the FCC said.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.