Skip to content

Verizon, T-Mobile and others fined $200M for illegal data sharing

  • by
  • 3 min read

The Federal Communications Commission (FCC) imposed significant fines worth $200 million on some of the largest wireless carriers in the United States, including Verizon, T-Mobile, Sprint, and AT&T, for unlawfully sharing customers’ location information without consent.

Sprint and T-Mobile, now merged entities, face fines exceeding $12 million and $80 million, respectively. AT&T is penalised with a hefty $57 million fine, while Verizon must pay nearly $47 million.

The FCC’s Enforcement Bureau conducted thorough investigations into these carriers’ practices, revealing a systematic breach of privacy protocols. Each carrier sold access to customer location data to intermediaries known as ‘aggregators,’ who further distributed this sensitive information to third-party location-based service providers.

The fundamental flaw in this process was the absence of valid customer consent, as carriers failed to ensure that downstream recipients obtained proper authorisation.

Moreover, the investigations found that the carriers neglected their duty to protect customer information, as Section 222 of the Communications Act mandates. This regulation requires carriers to implement reasonable measures to safeguard customer data, including location information, and to obtain explicit consent before sharing or allowing access to such data.

By disregarding these obligations, the carriers exposed millions of customers to potential privacy breaches.

This is an image of t mobile featured 1
T-Mobile was hit with a whopping $80 million fine by the FCC.

The genesis of these fines traces back to public reports alleging the unauthorised disclosure of location information by major wireless carriers to a Missouri Sheriff. This disclosure, facilitated through a ‘location-finding service’ operated by Securus, a communications services provider for correctional facilities, raised serious concerns about privacy violations.

Despite being alerted to these breaches, the carriers persisted in their practices without implementing adequate safeguards to prevent further unauthorised access.

The April FCC’s Forfeiture Orders finalised the Notices of Apparent Liability of 2020. Following a review of submissions made in response to the initial notices, the fines for T-Mobile and Verizon were reduced, while the fine amounts for AT&T and Sprint remained unchanged.

“The protection and use of sensitive personal data such as location information is sacrosanct,” said Loyaan A. Egal, Chief of the FCC Enforcement Bureau and Chair of its Privacy and Data Protection Task Force. “When placed in the wrong hands or used for nefarious purposes, it puts all of us at risk.”

In the News: Memory feature brings personalised interactions to ChatGPT Plus

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

This is an image of cyber security hacked breach

Case study reveals Chinese hackers spent over 300 days in US electricity grid

This is an image of iphone with apple logo

Match Group, AIDF denied Apple’s confidential antitrust data

Photo: ascannio / shutterstock. Com

X’s outage can’t be traced by researchers and Musk alike

This is an image of malware featured security

DPRK’s KoSpy spyware targets SK, India, Russia, and Middle East

This is an image of honey featured 1

Google updates Chrome Extension policy after Honey scam

This is an image of apple featured 220923

Apple patches critical zero-day exploit targeting iPhones and iPads

>