The Federal Communications Commission (FCC) has issued fines totaling $196 million to major US telecommunications operators for unlawfully sharing customers’ location data. This action comes more than five years after the violation was initially exposed.
T-Mobile faces the largest penalty of $92 million, including $12 million attributed to Sprint, reflecting the extensive duration of this issue. AT&T has been fined over $57 million, while Verizon’s penalty amounts to nearly $47 million. Despite the substantial fines, these amounts are relatively minor for these telecom giants.
The FCC’s investigation and subsequent penalties were triggered after reports emerged in March 2020, indicating a plan to fine these operators $200 million. The violation involved selling location data to third parties without customer consent, a practice that persisted until it was exposed by a Motherboard article in January 2019.
This breach of privacy allowed sensitive location information to reach unauthorized entities, including bounty hunters and car dealerships, without oversight or consent from consumers. Only after public scrutiny did operators sever ties with location-based service providers.
FCC Chairwoman Jessica Rosenworcel emphasized the severity of the situation, noting that geolocation data is highly sensitive and can endanger individuals if misused.
The delay in addressing these violations, which began to surface five years ago, has raised questions about regulatory oversight. The complexities following the 2020 election and the subsequent appointment of FCC commissioners likely contributed to the prolonged process.
The recent attention received by new mobile service provider Cape highlights growing concerns over data privacy. Cape, a privacy-focused operator, raised $61 million in venture capital and emphasizes minimal data collection from customers.
This enforcement action underscores the importance of robust data protection measures in the telecommunications sector. Despite the fines, critics argue that the penalties are insufficient to deter future privacy breaches. The spotlight on Cape as a privacy-centric alternative suggests a shifting landscape where consumers prioritize data security and transparency from their service providers.