In a significant move to uphold consumer privacy rights, the United States Federal Communications Commission (FCC) has levied fines totaling $196 million against AT&T, Verizon, and Sprint/T-Mobile for unlawfully selling access to customer location information without consent.
The fines, collectively imposed on the telecom giants, underscore the gravity of the violations, with Sprint and T-Mobile facing fines of $12 million and $80 million, respectively. Verizon's penalty amounts to nearly $47 million, while AT&T has been fined over $57 million.
The FCC's investigation, initiated in 2019, revealed that the carriers had been selling real-time location data from customer devices to third-party data aggregators. This data, subsequently sold again, found its way into the hands of private investigators, law enforcement agencies, credit card companies, and other entities without proper authorization.
Following the probe, the FCC confirmed that the wireless carriers had breached federal law by sharing sensitive consumer location data without adequate safeguards. While fines were proposed in 2020, carriers were afforded the opportunity to contest the decision before formal imposition.
The severity of the fines reflects the duration of the illegal practices and the number of entities granted access to customer location information. The FCC emphasized carriers' obligations to safeguard personal data, citing the sensitivity of real-time location information and the implications for consumer privacy.
FCC Chairwoman Jessica Rosenworcel condemned the carriers' failure to protect consumer data, highlighting the significance of real-time location information as one of the most sensitive data sets in their possession. She reiterated the Commission's commitment to holding carriers accountable and ensuring compliance with consumer protection standards.
Despite assurances provided by carriers to data aggregators regarding customer consent, the FCC found that such consent was not obtained. Furthermore, carriers continued to sell access to location data without implementing adequate measures to prevent unauthorized access, even after becoming aware of misuse.
The enforcement actions underscore the FCC's dedication to safeguarding consumer privacy and holding telecommunications providers accountable for their handling of sensitive personal data. As the FCC resolves these cases, it remains steadfast in its commitment to protecting consumer interests and upholding data privacy standards in the telecommunications industry.
