The US Federal Communications Commission (FCC) expects to finalise nearly $200 million in fines for AT&T, T-Mobile US and Verizon for illegally selling subscribers’ real-time locations to third-party distributors without their consent.
The agency’s Forfeiture Orders announced yesterday (29 April) it had completed its Notices of Apparent Liability (NAL) issued against the three mobile operators in February 2020. Sprint is also named for its actions prior to the merger with T-Mobile in April 2020.
On 17 April, after reviews of the operators’ NAL responses, FCC commissioners voted along party lines to fine AT&T $57 million, Verizon $46 million and T-Mobile $80 million along with $12 million for Sprint.
The FCC Enforcement Bureau’s investigations of the four operators found that each sold access to its customers’ location information to “aggregators,” who then resold access to such information to third-party location-based service providers.
“In doing so, each carrier attempted to offload its obligations to obtain customer consent onto downstream recipients of location information, which in many instances meant that no valid customer consent was obtained,” the FCC stated.
It noted the operators compounded their initial failures after becoming aware their safeguards were not effective by continuing to “sell access to location information without taking reasonable measures to protect it from unauthorised access”.
FCC chair Jessica Rosenworcel, a member of the Democratic Party, voted in favour of the fines.
The operators sold “real-time location information to data aggregators, allowing this highly sensitive data to wind up in the hands of bail-bond companies, bounty hunters, and other shady actors,” Rosenworcel said in a statement.
Commissioner Brendan Carr, a member of the Republican Party, voted against the retroactively “eye-popping forfeitures”.
He noted for over a decade location-based service (LBS) providers offered valuable services to consumers, such as emergency medical response and roadside assistance. Carr stated a 2018 news report revealed a local law enforcement officer had misused access to an LBS provider’s services and was prosecuted for his unlawful actions.
“Subsequently, all of the participating carriers ended their LBS programs. So our decision today does not address any ongoing practice”.
Operators plan appeal
Representatives from T-Mobile, AT&T and Verizon told Mobile World Live (MWL) they are opposed to the FCC’s findings.
T-Mobile stated the FCC decision “is wrong, and the fine is excessive. We intend to challenge it”.
It noted the company’s “industry-wide third-party aggregator location-based services program was discontinued more than five years ago after we took steps to ensure that critical services like roadside assistance, fraud protection and emergency response would not be disrupted”.
Verizon told MWL the FCC’s order “gets it wrong on both sides of the facts and law,” and that it plans to appeal the decision.
“When one bad actor gained unauthorised access to information relating to a very small number of customers, we quickly and proactively cut off the fraudster, shut down the program, and worked to ensure this couldn’t happen again,” the representative explained.
An AT&T representative told MWL “the FCC order lacks both legal and factual merit,” and that it expects to appeal the order after conducting a legal review.
“It unfairly holds us responsible for another company’s violation of our contractual requirements to obtain consent, ignores the immediate steps we took to address that company’s failures, and perversely punishes us for supporting life-saving location services”.
The post FCC fines US operators nearly $200M for selling customer data appeared first on Mobile World Live.
Commercials Cooperation Advertisements:
(1) IT Teacher IT Freelance
立刻註冊及報名電腦補習課程吧!
电子计算机 -教育 -IT 電腦班” ( IT電腦補習 ) 提供一個方便的电子计算机 教育平台, 為大家配對信息技术, 電腦 老師, IT freelance 和 programming expert. 讓大家方便地就能找到合適的電腦補習, 電腦班, 家教, 私人老師.
We are a education and information platform which you can find a IT private tutorial teacher or freelance.
Also we provide different information about information technology, Computer, programming, mobile, Android, apple, game, movie, anime, animation…
(2) ITSec
www.ITSeceu.uk
Secure Your Computers from Cyber Threats and mitigate risks with professional services to defend Hackers.
ITSec provide IT Security and Compliance Services, including IT Compliance Services, Risk Assessment, IT Audit, Security Assessment and Audit, ISO 27001 Consulting and Certification, GDPR Compliance Services, Privacy Impact Assessment (PIA), Penetration test, Ethical Hacking, Vulnerabilities scan, IT Consulting, Data Privacy Consulting, Data Protection Services, Information Security Consulting, Cyber Security Consulting, Network Security Audit, Security Awareness Training.
Contact us right away.
Email (Prefer using email to contact us):
SalesExecutive@ITSec.vip