After a recent scandal that saw a county sheriff indicted on charges related to the invasion of prisoners’ privacy, we learned that tracking software vendor Securus Technologies and its data broker LocationSmart had a shared exploit that allowed a demonstration feature to be openly used, giving the user access to the location of any person covered. The nation’s major carriers provided data to LocationSmart and brokers just like it.
Now, all four — AT&T, Sprint, Verizon and T-Mobile — have pledged to stop giving location information to such brokers, though they will continue to sell that data to groups who are in direct engagement with their customers. It is currently not clear if they will begin to directly broker their location data with enterprise customers.
The Associated Press reports that the networks are responding to a congressional investigation led by Senator Ron Wyden of Oregon, who also sent letters asking what the telecoms are doing to protect user data from being tracked through easily-accessible web portals.
Verizon was first to respond and it did so aggressively by saying it had notified brokers that it would terminate agreements with them without affecting services like roadside assistance. AT&T said it would do the same “as soon as practical.” T-Mobile president John Legere tweeted his assurances to Wyden directly. Sprint only said that its customers have to “generally be notified” of such data sales.
The carriers did not point out specifically who they sold location data to, as Wyden requested, with the exception of Verizon thumbing LocationSmart and Zumingo.