Some lawmakers want answers on why cellphone data from users across the country is still being sold to third parties.
What prompted this?
Their comments are coming in response to a report by the website Motherboard that shows T-Mobile, AT&T, Sprint, and other companies are still selling location data to third parties. The information is not only a privacy violation, it can easily fall into the hands of criminals and others looking to harass people, the investigation found.
"This is outrageous. I didn't sign up for this when I signed up for wireless service and I bet neither did you," FCC Commissioner Jessica Rosenworcel told CBS News.
She wants to investigate how cellphone companies sell your location.
"It turns out that they're selling that information to companies called location aggregators who in turn are selling that to shady middlemen who for a few hundred dollars will sell to anyone, your location within a few hundred meters," Rosenworcel said. "I think that is a problem."
Sen. Ron Wyden (D-Ore.) is proposing legislation that would protect users' personal data.
"Location data is now so precise, this is a dream for spies and stalkers and predators," Wyden told the news outlet.
"What we were told in 2018 is that they would stop selling location data and now we're seeing evidence that it's still happening," he added. "It's a pattern. You know, they do it, they get caught, they apologize and it's kind of wash rinse and repeat."
Sprint, for example, told CBS News that it didn't know that some of the companies it sold data to was not protecting the information. The company also told the news outlet it has terminated those contracts.
How dangerous is it?
Motherboard found that "exposed mobile networks and the data they generate" also leaves them vulnerable to surveillance by ordinary citizens.
The report explained:
Although many users may be unaware of the practice, telecom companies in the United States sell access to their customers' location data to other companies, called location aggregators, who then sell it to specific clients and industries. Last year, one location aggregator called LocationSmart faced harsh criticism for selling data that ultimately ended up in the hands of Securus, a company which provided phone tracking to low level enforcement without requiring a warrant. LocationSmart also exposed the very data it was selling through a buggy website panel, meaning anyone could geolocate nearly any phone in the United States at a click of a mouse.