1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Location data sold by major cell providers is ending up in the hands of unauthorized individuals

By Polycount ยท 6 replies
Jan 9, 2019
Post New Reply
  1. To be clear, we're not implying carriers are selling your data directly to said individuals. Quite the opposite - cell providers are likely completely oblivious to the information's final destination.

    For example, Motherboard journalist Joseph Cox managed to obtain live cell phone location data that had been exposed to a whopping "six different entities." T-Mobile sold the initial data to a "location aggregator" called Zumigo, who then shared it with "credit data and risk management" company Microbilt, which shared it with a "customer" using its mobile phone tracking service (a bounty hunter).

    The bounty hunter then reportedly handed the data off to a "bail industry source," and it was finally passed along to Motherboard.

    Though it may seem at first like the simplest solution to this problem is a blanket ban on all location data sales from mobile carriers, there could be unintended consequences to doing so. Roadside assistance companies, and other perfectly legitimate enterprises rely on data provided by firms like Zumigo to function.

    So, where along the line was the data "compromised" in this case? Microbilt seems to be the company who deserves most of the scrutiny, as it allegedly allowed its ongoing device location monitoring service to be abused by a "rogue individual" who claimed to represent a "licensed" bail bond company.

    For now, Microbilt's access to Zumigo data has been cut off, and T-Mobile has taken the "additional precaution" of blocking any Zumigo requests for data that are placed on behalf of Microbilt. However, that doesn't address the ongoing problem. Just because Microbilt's access has been cut off doesn't mean other, similar companies aren't offering similar (if not identical) services.

    Furthermore, AT&T and Sprint have similar arrangements with companies like Zumigo, and location data is reportedly ending up in similar places.

    For now, it's not clear how to solve this problem without causing quite a bit of collateral damage. However, merely being aware that these breaches of privacy are occurring is better than nothing.

    Permalink to story.

     
  2. Evernessince

    Evernessince TS Evangelist Posts: 3,539   +2,853

    Expect this to get worse until laws are passed detailing how data may be shared.
     
    senketsu and xxLCxx like this.
  3. psycros

    psycros TS Evangelist Posts: 2,514   +2,212

    No company needs to know your current location at all times. The fact that we tolerate this shows how apathetic and ignorant people are these days.
     
  4. Uncle Al

    Uncle Al TS Evangelist Posts: 4,875   +3,315

    Bring em in, lock em up!
     
  5. brucek

    brucek TS Booster Posts: 77   +86

    Let's get this fixed. Some brave journalist please buy and publish a month's worth of location data for say each of the senators that are on the committee that handles this issue (assuming this is legal, which is the exact problem we're trying to solve.) I bet we'd see legislation to fix it within the following week.

    Or otherwise, as long as it only happens to regular people, we'll keep getting empty apologies and promises with little band-aids here and there but no real change to the overall situation.
     
    Knot Schure likes this.
  6. "cell providers are likely completely oblivious to the information's final destination."
    well I'm sure not surprised and I'm just some average guy. This in fact is the entire problem with this behind the scenes data sharing. We've seen only the tip of the iceberg as the saying goes.
     
  7. Impudicus

    Impudicus TS Booster Posts: 95   +45

    Selling data I generate without paying me for it should be considered stealing in the first place.
     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...