- Instagram has mixed feelings about Mindy Kaling supporting Aziz Ansari Saturday 5:02 PM
- Donald Trump keeps pushing his unsubstantiated voter fraud claims Saturday 4:09 PM
- Report: YouTube will no longer run ads on anti-vax channels Saturday 2:54 PM
- Microsoft employees want to cancel a $479 million contract with the U.S. military Saturday 1:14 PM
- Queso recipe gets launched to space Saturday 10:09 AM
- ‘Isabelle Facts’ was a wholesome queer meme account—until harassers showed up Saturday 8:28 AM
- 2016 election stories the ‘Newsroom’ reboot will cover Saturday 6:30 AM
- How to stream Brandon Rios vs. Humberto Soto for free Saturday 6:00 AM
- ‘The Haunting of Hill House’ heads to ‘Bly Manor’ for next installment Saturday 5:45 AM
- How to stream James DeGale vs. Chris Eubank Jr. for free Saturday 5:30 AM
- How to stream UFC Fight Night 145 in Prague for free Saturday 5:00 AM
- R. Kelly charged in Chicago with multiple counts of sex abuse Friday 7:51 PM
- Elon Musk finally hosts PewDiePie’s meme review Friday 6:27 PM
- Netflix throws ‘Umbrella Academy’-themed wedding for fans Friday 4:54 PM
- Report: Facebook collects app data on users’ body weight, menstrual cycles Friday 3:38 PM
Pixabay (Public Domain)
Just one company gave 250 bounty hunters access to AT&T, T-Mobile, and Sprint customer data.
The location data of countless U.S. cellphone users was secretly being accessed by hundreds of bounty hunters despite previous claims from mobile providers that such abuses were isolated, Motherboard reports.
Documents from a location data selling company known as CerCareOne, which ceased operations in 2017, have revealed that roughly “250 bounty hunters and related businesses” had access to information from AT&T, T-Mobile, and Sprint customers.
Motherboard’s Joseph Cox notes that just one bail bond firm used CerCareOne’s services over 18,000 times. The company not only had location information derived from cell towers but from “highly sensitive and accurate GPS data” as well.
According to Blake Reid, associate clinical professor at Colorado Law, the GPS data was originally intended to be used only by emergency services in order to locate people who had dialed 911.
“The only reason we grant carriers any access to this information is to make sure that first responders are able to locate us in an emergency,” Reid told Motherboard. “If the carriers are turning around and using that access to sell information to bounty hunters or whomever else, it is a shocking abuse of the trust that the public places in them to safeguard privacy while protecting public safety.”
CerCareOne, which forced its customers to sign agreements to keep their existence secret, would charge as much as $1,100 for an individual’s location.
“The news shows how widely available Americans’ sensitive location data was to bounty hunters,” Cox writes. “This ease-of-access dramatically increased the risk of abuse.”
A bail agent whose name was found among the documents defended the practice, arguing that it specifically targeted fugitives.
“This type [of] information is solely used for and extremely beneficial in locating and tracking wanted fugitives who have jumped bond and are also wanted by law enforcement for absconding from justice,” the bail agent said.
The scale of the secretive location data market has caused concern among lawmakers and privacy advocates alike. Sen. Ron Wyden (D-Ore.), a vocal critic of many tech companies’ data practices, said in a statement to Motherboard the latest discovery proves the issue is far worse than previously believed.
“Carriers assured customers location tracking abuses were isolated incidents. Now it appears that hundreds of people could track our phones, and they were doing it for years before anyone at the wireless companies took action,” Wyden said. “That’s more than an oversight—that’s flagrant, willful disregard for the safety and security of Americans.”
The aforementioned mobile service providers promised last month to stop selling its customers’ location data altogether. AT&T has stated that it was unaware of the alleged abuses by CerCareOne while the company was active.The FCC has stated that it is currently investigating the handling of location information by the major carriers.
Mikael Thalen is a freelance journalist based in Seattle, covering all things technology, including social media, data breaches, hackers, and more.