June 19, 2018

Following Wyden’s Investigation, Verizon Pledges to End Contracts With Companies that Sell Americans’ Location

Wyden Calls on All Wireless Companies to Follow Verizon’s Lead and Stop Selling Americans’ Private Information to Third Parties Without Consent

UPDATE – Following news reports that Verizon would end its contracts with major location aggregators, AT&T announced it would follow suit. Please see Sen. Wyden’s latest statement on twitter:

Washington, D.C. – Following an investigation by Sen. Ron Wyden, D-Ore., into the shady practice of wireless carriers selling Americans’ location to third parties – sometimes without permission – Verizon pledged to end its contacts with these “location aggregators,” in a letter to Wyden released today.

Wyden praised Verizon’s move, which came after Wyden revealed that prison phone company Securus was allowing law-enforcement agencies to track Americans’ phones without reviewing the requests. Securus purchased location information which had been sold by the data broker LocationSmart. Following that revelation, KrebsOnSecurity reported that major location aggregator LocationSmart offered access to track any American’s mobile phone via an insecure website.

“Verizon deserves credit for taking quick action to protect its customers’ privacy and security,” Wyden said. “After my investigation and follow-up reports revealed that middlemen are selling Americans’ location to the highest bidder without their consent, or making it available on insecure web portals, Verizon did the responsible thing and promptly announced it was cutting these companies off. In contrast, AT&T, T-Mobile, and Sprint seem content to continue to sell their customers’ private information to these shady middle men, Americans’ privacy be damned.”

Responses from the other carriers are available here: AT&T, Sprint, and T-Mobile.

 The FCC announced an investigation into the LocationSmart leak last month, in the wake of  reports about the LocationSmart data leak. Wyden called on FCC Chairman Ajit Pai, who represented Securus in 2012, to recuse himself from the investigation.

 “Chairman Pai’s total abandonment of his responsibility to protect Americans’ security shows that he can’t be trusted to oversee an investigation into the shady companies that he used to represent,” Wyden said. “If your location information falls into the wrong hands, you – or your children – can be vulnerable to predators, thieves and a whole host of people who would use that knowledge to malicious ends.”