Bottom line: Following the Cambridge Analytica scandal, companies are taking customer privacy more seriously than ever before. Just ask US carriers Verizon, AT&T, T-Mobile, and Sprint, who have all now pledged to stop selling customer location data to third-party brokers.
The move comes after Senator Ron Wyden (D-OR) sent a letter to FCC Chairman Ajit Pai last month asking the agency to investigate the “abusive and potentially unlawful practices of wireless carriers,” adding that they had permitted at least one company to provide law enforcement with access to the location data of carriers’ customers.
One of these companies was prison telecom firm Securus, a customer of phone-tracking service LocationSmart. The New York Times revealed how a former Mississippi County sheriff used Securus to get location data without a warrant.
Verizon was the first to respond to Wyden. In a letter of its own, the carrier said it had ended its contract with LocationSmart and Zumigo after learning the companies were giving location data to law enforcement without customers’ consent. It added that it had suspended Securus’ access to its customer data.
Wyden praised Verizon for "taking quick action to protect its customers' privacy and security," while criticizing the other carriers for their lack of action.
But AT&T soon followed in its rival’s footsteps, announcing that it would “be ending our work with aggregators for these services as soon as practical in a way that preserves important, potential lifesaving services like emergency roadside assistance."
Sprint quickly put out a similar statement, explaining that it was “beginning the process of terminating its current contracts with data aggregators to whom we provide location data.”
That left T-Mobile. CEO John Legere eventually tweeted that the firm "will not sell customer location data to shady middlemen," but didn’t go into any specifics. The company later sent a statement to Wyden’s office that read: "We ended all transmission of customer data to Securus and will wind down our location aggregator agreements."
Sounds like word hasn’t gotten to you, @ronwyden. I’ve personally evaluated this issue & have pledged that @tmobile will not sell customer location data to shady middlemen. Your consumer advocacy is admirable & we remain committed to consumer privacy. https://t.co/UPx3Xjhwog— John Legere (@JohnLegere) 19 June 2018
Back in May, a bug on LocationSmart’s website allowed anyone to see the real-time location of US cell phone users, and without their consent.