American telecom giants say they have finally stopped collecting the location data of their customers and sharing it with third parties.
Verizon, Sprint, AT & T and T-Mobile made the claim in a series of letters published to the Federal Communications Commission on Thursday.
It comes a year after a number of bomb-shaped reports that large telephone companies were selling user data to shadowy companies, who could then track their whereabouts and win the anger of privacy lawyers and lawmakers across the country.
Scroll down for video
American telecom giants say they have finally stopped collecting the location data of their customers. Verizon, Sprint, AT & T and T-Mobile made the claim in letters to the FCC that was published on Thursday
HOW CAN THEY FOLLOW THE LOCATION OF A USER?
Motherboard first reported how bounty hunters sold access to users' real-time location data for just a few hundred dollars.
Bounty hunters obtained the data from location aggregators, who have partnerships with AT & T, Sprint and T-Mobile.
They could estimate and track a user's location by looking at phones from nearby mobile towers.
But companies can also collect assisted GPS or A-GPS, which can even guess the location of a user in a building.
Last May, a New York Times report-discovered providers sold user data to LocationSmart, a little-known telephone tracking service, which then shared it with Securus, a prison technology company, allowing them to track a phone in seconds.
Than a motherboard Research published in January found that hundreds of bounty hunters had access to highly sensitive user data thanks to every major US mobile provider.
Now carriers say they have put an end to the practice, or are in the process of ending data sharing.
The letters show that it took the carriers many months to finish the shady & # 39; s data sharing programs.
FCC commissioner Jessica Rosenworcel expressed her frustration about the agency's silence on the issue, as well as the slow response from carriers.
& # 39; The FCC has been completely silent about press releases that for a few hundred dollars shady intermediaries can sell your location within a few hundred meters based on your wireless telephone information, & # 39; said Rosenworcel. & # 39; That is unacceptable. & # 39;
& # 39; This is a problem that affects the privacy and security of every American with a cordless phone.
& # 39; … I do not believe that consumers should be kept in the dark. That's why I make these letters available today. & # 39;
AT&T claims that it stopped sharing user data with third parties on 29 March.
& # 39; Our contracts require that all parties who have received AT & T's customer location data in connection with those arrangements remove that information and we check whether they have done so, subject to their custody obligations & # 39 ;, wrote Company.
Similarly, Sprint said it would stop working with location-related aggregators from May 31, but the company may continue to provide some user location information to some customers for the provision of roadside assistance services, as well as a company that allows compliance with state competition requirements. .
LocationSmart (photo) only required users to request a free demo and they could follow anyone with AT&T, Sprint, T-Mobile and Verizon phones within a few hundred feet
In these cases, the data is encrypted and only shared & # 39; as needed to fulfill the obligations under the contract & # 39 ;.
T-Mobile wrote that it has all & # 39; access to service provider location data & # 39; had terminated on February 8 and all & # 39; location-based service contracts & # 39; ended on March 9.
Verizon discontinued its locator-aggregator program last November, alongside a few roadside assistance programs. Her contracts with four companies for breakdown assistance programs were officially terminated in March.
& # 39; Those and all other external entities no longer have access to Verizon subscriber location data through the aggregators & # 39 ;, the company added.
The dark practices were first revealed last month and at the time, telecom companies claimed they were incidental incidents.
However, one Motherboard examination discovered that this is not the case at all. About 250 bounty hunters were able to access the exact location data of users.
In one case, a bail company asked for location information about 18,000 times.
AT & T, T-Mobile and Sprint sold the sensitive data intended for users of 911 operators and emergency services to location aggregators, who then sold it to bounty hunters, according to Motherboard.
The companies promised last month that they would no longer sell users' location data to aggregators.
Location aggregators collect and sell location data from users, sometimes to provide services such as bank fraud prevention and roadside emergency assistance, as well as online advertisements and marketing deals that depend on knowing your whereabouts.
Motherboard discovered last month that bounty hunters were using the data to estimate a user's location by looking at & # 39; pings & # 39; sent from telephones to nearby cell towers.
But it seems that the data was even more detailed than previously thought.
CerCareOne, a shadowy company that sold location data to bounty hunters, even claimed to collect supported GPS or A-GPS data.
With this A-GPS data, a person's device could be determined so accurately that it sees where it is in a building.
Telecom companies started collecting this data to give 911 operators a more approximate location for users when they are both inside and out.
Instead, it was sold to aggregators, who then sold it to bailiffs, bounty hunters, landlords, and other groups.
A bail agent in Georgia told Motherboard that it & # 39; only & # 39; was used to find & # 39; fugitives who have built a bond & # 39 ;.
Neither AT & T, T-Mobile nor Sprint explicitly denied the sale of A-GPS data, according to Motherboard.
CerCareOne was essentially in secret when it came into effect between 2012 and 2017, with customers having to agree to keep CerCareOne.com's confidentiality & # 39 ;, Motherboard said.
Location groupers use carrier data to estimate a user's location by looking at & # 39; pings & # 39; cent to radio towers. But it has also been found that they sell supported GPS or A-GPS data that can locate someone's device so accurately that they can see where they are in a building
The company often charged up to $ 1,100 each time a customer requested a user's location information.
CerCareOne said it required customers to get written permission if they wanted to follow a user, but Motherboard discovered that several users were not warned that they were being followed, so the practice often took place without their knowledge or agreement.
Although CerCareOne is no longer operational, the use and presence of company location group holders raises serious questions about how user data is used by these companies.
AT & T and other telecom companies tried to minimize the use of CerCareOne.
& # 39; We are not aware of any misuse of this service that ended two years ago & # 39 ;, the company told Motherboard.
& # 39; We have already decided to eliminate all location aggregation services, including services with clear benefits for consumers, after reports of abuse by other location services with regard to aggregators. & # 39;
At least 15 senators in the US urged the FCC and FTC to take action against companies with shadow reporting clients, Motherboard said.
& # 39; This scandal is getting worse, & # 39; Democratic American Senator Ron Wyden told Motherboard.
& # 39; Carriers assured customers that location tracking abuse was isolated. Now it appears that hundreds of people were able to follow our phones and they did so for years before anyone took action at the wireless companies.
& # 39; That's more than a mistake – that's blatant, obstinate disregard for the safety and security of Americans & # 39 ;, he added.
. (TagsToTranslate) Dailymail (t) sciencetech