advertisement
advertisement

U.S. cell carriers are probably still selling your real-time phone location data

U.S. cell carriers are probably still selling your real-time phone location data
[Photo: Denys Nevozhai/Unsplash]

Facebook and Google grab headlines for their roles in the massively profitable “personal data economy.” You know, the business of buying and selling your personal browsing habits to advertisers, pollsters, and other deep-pocketed third parties.

advertisement

But cell phone companies deserve some attention, too.

Last year, news broke that your cellphone service provider is probably selling access to your real-time location. After it came out, Democratic Senator Ron Wyden of Oregon sent a letter demanding that the FCC investigate why the third-party organization Securus Technologies was able to track any phone “within seconds” by using data obtained from cell phone companies, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary called LocationSmart.

In the wake of Wyden’s inquiry, most of the major cell phone companies claimed to have taken action. For instance, AT&T vowed to “protect customer data” and “shut down” Securus’s access to its real-time store of customer location data. T-Mobile chief executive John Legere tweeted at the time that he “personally evaluated the issue” and promised that the company “will not sell customer location data to shady middlemen.”

Those companies may not be living up to their promises, though.

New reporting by Motherboard shows that while companies may have severed ties with LocationSmart, most of them overlooked the other big player in the location-tracking business, Zumigo. Motherboard paid a bond company $300 to track down one of their reporters using only a phone number. The bounty hunter quickly obtained the reporter’s location using Zumigo’s location data from his T-Mobile phone. Zumigo, in turn, reportedly shares information with Microbilt, a third-party organization akin to Securus. According to Motherboard, “Microbilt shared that data with a customer using its mobile phone tracking product. The bounty hunter then shared this information with a bail industry source, who shared it with Motherboard.”

While they didn’t test the other companies, Microbilt’s product documentation suggested it would work on AT&T and Verizon as well as T-Mobile. For its part, T-Mobile told Motherboard it “does not have a direct relationship” with Microbilt, but admitted one with Zumigo.

In a tweet, Wyden called T-Mobile and Legere to task for failing to live up to Legere’s pledge not “to sell customer location data to shady middlemen.”

When reached for comment, T-Mobile directed us to Legere’s Twitter feed, where he wrote that the company has “blocked access to device location data for any request submitted by Zumigo on behalf of Microbilt” and that the company is nearly finished with the process of “terminating the agreements” it has with third-dfparty data aggregators.

advertisement
advertisement