Affiliate links on Android Authority may earn us a commission. Learn more.
FCC just fined major carriers $200 million for selling customer location data
- AT&T, Verizon, Sprint, and T-Mobile have been fined a combined total of nearly $200 million for illegally selling your location data.
- These carriers shared your location information without your permission and even continued doing so after learning about unauthorized access.
The Federal Communications Commission (FCC) has taken decisive action against AT&T, Verizon, Sprint, and T-Mobile, fining them nearly $200 million for illegally selling customer location data without proper consent. This marks the culmination of a long-running investigation that highlights the carriers’ disregard for privacy and accountability.
The FCC probe revealed a disturbing system where carriers initially sold location data to “aggregators.” These aggregators then resold the data to numerous third parties, including bounty hunters, credit card companies, and law enforcement.
The carriers were essentially absolving themselves of responsibility by claiming it was up to these third parties to obtain customer consent — a loophole that often resulted in no one asking for customer permission at all.
“Our communications providers have access to some of the most sensitive information about us. These carriers failed to protect the information entrusted to them. Here, we are talking about some of the most sensitive data in their possession: customers’ real-time location information, revealing where they go and who they are,” stated FCC Chairwoman Jessica Rosenworcel.
Shockingly, even after learning of this unauthorized data use, the carriers continued their programs without implementing reasonable safeguards. This jeopardized the privacy of countless customers, leaving their whereabouts exposed to potential misuse.
T-Mobile faces the largest fine at $80 million, followed by AT&T at $57 million, Verizon at $47 million, and Sprint at $12 million. The penalties vary based on the duration of the misconduct and the number of entities that accessed location data.
The investigations date back to 2019 when reports emerged that customer location data was being shared without consent through a service operated by Securus, a communications provider for correctional facilities.