When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

FCC hits top US carriers with nearly $200 million fine for sharing user location illegally

Neowin · with 2 comments

FCC logo along with mobile antenna tower

The Federal Communications Commission (FCC) has fined major wireless carriers, including AT&T, Sprint, T-Mobile, and Verizon, nearly $200 million for illegally sharing customers' location data without consent and failing to protect this sensitive information adequately. The fines were imposed due to the carriers selling access to location data to aggregators, who later resold it to third-party service providers without obtaining valid customer consent.

The carriers have been found in violation of federal law, which requires them to safeguard customer information and obtain explicit consent before sharing it. Sprint and T-Mobile, which have merged since the investigation started, are fined over $12 million and $80 million, respectively. AT&T faces a fine exceeding $57 million, while Verizon is fined nearly $47 million.

FCC Chairwoman Jessica Rosenworcel said:

“Our communications providers have access to some of the most sensitive information about us. These carriers failed to protect the information entrusted to them. Here, we are talking about some of the most sensitive data in their possession: customers’ real-time location information, revealing where they go and who they are.

As we resolve these cases – which were first proposed by the last Administration – the Commission remains committed to holding all carriers accountable and making sure they fulfill their obligations to their customers as stewards of this most private data.”

The FCC Enforcement Bureau investigations revealed that the four carriers sold access to customers' location data to "aggregators", who then resold it to third-party service providers. This practice allowed the carriers to shift the responsibility of obtaining consent onto downstream recipients, leading to instances where no valid customer consent was obtained. The FCC says that even after realizing that their safeguards were ineffective, the carriers continued to sell access to location information without implementing adequate measures to protect it from unauthorized access.

According to section 222 of the Communications Act, carriers are mandated to take reasonable measures to safeguard customer information, including location data. They are required to maintain the confidentiality of such information and must obtain explicit customer consent before disclosing or allowing access to it.

This includes situations where data is being shared with third parties, like in this case.

Despite the fines, the carriers plan to appeal the decision, arguing that the penalties are excessive and lack legal merit.

Report a problem with article
Google Chrome hero
Next Article

Google Chrome's search bar is now powered by machine learning to offer better suggestions

amazon echo dot
Previous Article

The 5th Gen Amazon Echo Dot smart speaker is currently discounted by 44 percent

Join the conversation!

Login or Sign Up to read and post a comment.

2 Comments - Add comment