Last week, Motherboard reported that some of the largest cell phone companies are selling real-time phone locations, and that that data is ending up on the black market. Now, Congress wants answers.
The news led to widespread calls for an investigation into why anyone with the cash—the Motherboard reporter paid $300 for a geolocation—can buy this information. Joining the chorus was Rep. Frank Pallone (D-N.J.), chair of the House Committee on Energy and Commerce, who requested an emergency hearing with Federal Communications Commission Chairman Ajit Pai to discuss why the FCC had not ended this practice. Yesterday, Pai refused.
In a statement, Pallone said, “In a phone conversation today, [Pai’s] staff asserted that these egregious actions are not a threat to the safety of human life or property that the FCC will address during the Trump shutdown.”
According to Motherboard, AT&T, T-Mobile, and Sprint generate location data based on which cell tower a phone is nearest. They sell this data to companies such as Microbilt, which reportedly then sells the information “with little oversight” to third parties, some of whom then resell it on the black market. It is not possible for people to use the phone without a locator, as carriers rely on it to provide them with service. Consequently, it is possible for bill collectors, process servers, stalkers, terrorists, etc., to track people down in real time.
Yet, according to Pallone, Chairman Pai does not see this issue as “a threat to the safety of human life or property,” referring to the standard by which the government decides whether furloughed employees must continue working during a partial shutdown.
FCC Commissioner Jessica Rosenworcel was quick to blast Pai’s refusal.
“Your wireless phone location data is being sold by shady entities that you never gave permission to track you. That’s a personal and national security issue. No law stops the FCC from meeting with Congress to discuss this right now. It needs investigation,” she tweeted yesterday.
Your wireless phone location data is being sold by shady entities that you never gave permission to track you. That’s a personal and national security issue. No law stops the @FCC from meeting with Congress to discuss this right now. It needs investigation.https://t.co/XbPpFyS1ec
— Jessica Rosenworcel (@JRosenworcel) January 14, 2019
Legally, cell phone carriers are required to safeguard consumer data and obtain permission before providing it to third parties, other than law enforcement with legal authorization. In practice, it does not appear as though the companies are adhering to said requirements enumerated in the 1996 Communications Act.
This is not the first time the issue has been in the news. Last May, the New York Times reported that another company, Securus, was providing location data to law enforcement with little or no meaningful oversight.
The New York Times noted that, while cell phone carriers contractually require companies that pay for geolocation data to obtain consumer permission before selling it, such contracts essentially amount to what Sen. Ron Wyden (D-Ore.) described as a “pinky promise.” Because no one is making certain the companies comply with the terms of the contract.
Sprint, T-Mobile,and AT&T told the paper they were investigating the matter. Weeks later, Reuters reported that AT&T and T-Mobile claimed to have blocked Securus’ access to consumer data, but did not say whether they would stop selling geolocation data completely. Sprint said it would block access if any wrongdoing were found.
Motherboard’s story calls into question whether companies have made any effort to stop real-time location data from getting into the hands of anyone willing to pay for it.
Thus far, Chairman Pai has not commented on the matter. Which some may say is pretty brazen for a man who claims on his FCC bio, “Public safety is a top priority.”
Update 12:00pm CT, Jan. 15: In a statement to the Daily Dot, the FCC said they have been investigating the matter, but their work was halted because of the government shutdown.
“As we told Committee staff today, the Commission has been investigating wireless carriers’ handling of location information. Unfortunately, we were required to suspend that investigation earlier this month because of the lapse in funding, and pursuant to guidance from our expert attorneys, the career staff that is working on this issue are currently on furlough. Of course, when the Commission is able to resume normal operations, the investigation will continue.”