Verizon recently pledged to stop giving data brokers access to the real-time location of U.S. cellphone users, and now the other big three carriers are following suit. As part of its offering, Securus reportedly used location data it obtained from 3Cinteractive, which also received the trove of information from LocationSmart - a location aggregator with a history of buying data access from wireless carriers in the U.S.
Last month, a report indicating that Securus-a company that provides smartphone tracking tools for United States law enforcement-was hacked, with thousands of pieces of data including account credentials leaked.
AT&T Inc and T-Mobile US Inc said in letters to Wyden that they have blocked the prison phone company from accessing customer data, but stopped short of saying they would stop selling the location data to others. In a letter of its own, the carrier said it had ended its contract with LocationSmart and Zumigo after learning the companies were giving location data to law enforcement without customers' consent.
In a letter to Senator Ron Wyden of OR dated June 15 and released by Wyden's office on Tuesday, Verizon said it was beginning the process to stop selling customer location data to vendors that aggregate the data. AT&T said it would do the same "as soon as practical". LocationSmart provides data only at the instant it is requested by a service like roadside assistance and user consent has been obtained.
The carriers said they will wind down data-sharing agreements with LocationSmart and Zumigo, which buy access to the real-time locations of users from major USA carriers and allow other businesses to tap into it, Wall Street Journal reported. Like Verizon, AT&T says it needs to make sure essential services as emergency roadside assistance are not affected.
Wyden praised Verizon's response and said the replies from its rivals suggested they "seem content to continue to sell their customers' private information to these shady middle men, Americans' privacy be damned". The carriers could all sell this location data directly - none of the companies commented on this possibility. The social network has enacted measures to allay concerns over data privacy, and plans to require advertisers to tell users if data brokers provided the information that led to them being targeted with an ad.
Wyden asked the carriers to identify which third parties have been acquiring carrier location data and to provide details such as any third-party sharing of location data without customer consent. Sprint only said that its customers have to "generally be notified" of such data sales.
Privacy advocates called the carriers' decision a small victory, but called for further safeguards on consumer data. Now that the broker sales are not permitted by the company, data sharing will not be possible.