Location-data has been both a boon and a bane since the time smartphones have entered into our lives. We have become used to the comfort provided by the location-based services, however, a thought that has been constantly bothering us is, “Am I safe with my location being made known to so many people?”
There has been a lot of hue and cry around breach of privacy and selling of user data by telecom companies. Regulations have been passed, ‘consent’ being used as a measure to safeguard the interests of the telecom giants, but still all has not been well. If things would have been going the way they are supposed to be, we would not be having Mark Zuckerberg apologizing for data breach. While aggregators have been slapped with lawsuits and public apologies, what is the source of all contention?
Of course, the problem begins with the ‘attitude’ and ‘not so favorable’ intentions of the telecom giants. In an effort to curb the menace at the roots, Commissioner of Federal Communications Commission (FCC), Jessica Rosenworcel on May 1, 2019 via a letter, sought details from AT&T, T-Mobile, Sprint, and Verizon about their data handling practices. ‘How much location-data is made available to the aggregators?’ – this was the crux of the investigation.
AT&T defends itself
On May 17, 2019, AT&T replied to the letter, stating:
It had phased out provision of customer location information to aggregators in June 2018. It made an exception for use cases involving emergency services and fraud prevention.
Before it provided customer location data to an aggregator or location- based services (LBS) provider, it investigated them -their corporate history, security policies, and privacy policies — and approved each planned use of customer location data. The mighty ‘consent’ to the rescue, we say.
As of March 29, 2019, AT&T stopped sharing any AT&T customer location data with location aggregators and LBS providers. All parties who have received AT&Tcustomer location data in connection are required to delete that information and it verifies that they have done so. I still don’t feel safe. The looming ‘What ifs’ bother me.
Nailed it! – The last point the letter makes it seem as if the lawmakers are to be blamed here. AT&T states that it is legal to sold location data, if we are talking about ‘A-GPS data.’ Lo behold! There goes all the promises to ensure safety of users down the drain. AT&T says, A-GPS data is usually collected for GPS-based services and emergency services and it is not illegal to sell it as per US Federal Law.
And, we are back to square one.
What others have to say
The story of other three telecom giants T-Mobile, Sprint, and Verizon is also not so favorable. While Verizon had long back promised to stop providing location-data to aggregators, earlier this year, it was discovered that the data was still being made available to some third-party companies like Zumigo and Microbilt. What’s more scary is that this data was easily accessible by bounty hunters, Motherboard found. As said earlier, no safety is guaranteed as the carriers very easily claim that the fault lies with its partners for not handling the data appropriately and deleting it when necessary. We definitely need stricter laws here. T-Mobile says it took a similar action, notifying its providers last fall that it would be ending its contracts with location-based service providers and doing so in March. Sprint, on the other hand, says it’s in the process of ending its contracts.
Sprint privacy chief Maureen Cooney wrote. “As of May 31, 2019, Sprint will no longer contract with any location aggregators to provide LBS. Sprint anticipates that after May 31, 2019, it may provide LBS services directly to customers like those described above, but there are no firm plans at this time.”
Words like ‘anticipates’ and ‘no firm plans’ keep our pulse racing…
Definitely FCC and other lawmakers need to play a stricter role in order to ensure safety of the public, who cannot imagine staying without their phones today.