Your cellphone service provider is probably selling access to your real-time location. That’s the takeaway from a still-developing story that all started when a former police sheriff used a cellphone-locating service meant to track prisoners to find people who aren’t inmates—according to a chilling report in the New York Times. His alleged targets included a judge and members of the State Highway Patrol, and he reportedly tracked their phones without a warrant.
Stories about potential violations of the 4th Amendment (for those that slept through high school civics, that’s the one about search and seizures) don’t typically make headlines, but this one did. While the sheriff pleaded not guilty to unlawful surveillance, the very idea that he could easily use cellphone data to track people without a probable-cause warrant revealed a potentially gaping loophole in laws meant to protect citizens from warrantless searches by police and the government.
Last week, Democratic Senator Ron Wyden of Oregon sent a letter demanding that the FCC investigate why Securus Technologies, the prison technology company used by the sheriff, can track any phone “within seconds” by using data obtained from cell phone companies, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary called LocationSmart.
While federal law makes it unlawful for a telecom company to release data to a government agency without a warrant, as ZDNet points out, the law “doesn’t restrict disclosure to other companies, who then may disclose that same data to the government.”
LocationSmart collects real-time location data from cellphone giants and then, according to ZDNet, sells access to companies like Securus. While Securus told the New York Times it required an “official document giving permission” to obtain real-time location data, Wyden’s letter noted that Securus confirmed that it did not “conduct any review of surveillance requests.”