T-Mobile, AT&T Pledge to Stop Location Sharing by End of March
January 11 2019 - 3:07PM
Dow Jones News
By Drew FitzGerald and Sarah Krouse
T-Mobile US Inc. and AT&T Inc. said they would stop feeding
individual customers' real-time locations to data middlemen after a
report suggested the sensitive information is easy to pull without
users' consent.
Tech website Motherboard reported this week that it paid a
bounty hunter $300 to locate a T-Mobile handset by tapping into a
real-time feed that the carrier provided to an aggregator called
Zumigo Inc.
T-Mobile Chief Executive John Legere said in a tweet earlier
this week that the company is "completely ending location
aggregator work" in March but will need time to "do it the right
way to avoid impacting consumers who use these types of services
for things like emergency assistance."
AT&T also said this week it would cut off data aggregators'
access to the information by March. The company said it wound down
most location sharing last year while still providing companies
with customer information for services such as roadside
assistance.
"In light of recent reports about the misuse of location
services, we have decided to eliminate all location aggregation
services -- even those with clear consumer benefits," the company
said.
A spokesman for Verizon Communications Inc., which late last
year added restrictions on its relationship with location-data
brokers, said the carrier plans to terminate its remaining
agreements with four roadside-assistance companies by the end of
March. "We have terminated all other such arrangements," he
said.
A Sprint Corp. spokeswoman said the company told Zumigo this
week that it was terminating its contract. Sprint "determined that
Zumigo violated the terms of our contract by not sufficiently
protecting Sprint customer data in its relationship with
MicroBilt," a credit-reporting company used in the bounty hunter
example to pinpoint a phone.
Zumigo CEO Chirag Bakshi said his company cut off MicroBilt's
access to all cellphone locations after the Motherboard article
published. "The incident that occurred was an illegal use of the
data," Mr. Bakshi said in an interview. "MicroBilt was supposed to
be for lending...for a financial use case which was misused."
MicroBilt couldn't immediately be reached for comment.
Sprint continues to share what it says are non-personally
identifiable location data with Pinsight Media, the mobile data and
advertising company it sold to InMobi last year, the spokeswoman
said. It continues to share data with some other third parties.
Cellphone companies made similar promises to protect user data
six months ago after reports of lax oversight prompted Sen. Ron
Wyden (D., Ore.) to write the carriers seeking more information
about their practices. The companies at the time said they shared
device locations with users' consent by outsourcing the work to
aggregators like Zumigo. Those aggregators shared the information
with dozens of other companies that provide services such as
freight tracking, roadside assistance and bank fraud
protection.
Wireless companies say they still collect and share groups of
customers' location histories for advertising after stripping away
data that could identify individuals. That information is gathered
through a separate process from the real-time pinpointing used when
a customer would like to be found by a tow-truck company, for
instance.
Carriers can't provide wireless service without knowing their
customers' rough whereabouts, which are determined by measuring the
distance to nearby cell towers. Mobile apps often get more precise
location information through GPS, Wi-Fi and Bluetooth signals,
though customers can toggle the sharing of some of that information
on their smartphones.
Mr. Bakshi said his company will probably continue serving
clients like banks by reporting users' locations through app-based
data collection and that users confirm their willingness to share
that information by responding to text message requests. He said
most Zumigo clients already seek consent through text messages.
In an interview Friday, Sen. Wyden said the recent reports show
the need for a new federal privacy law to head off "a national
security and personal-safety nightmare." He said the carriers have
pledged to improve their practices before and fallen short of their
promises.
"I'll believe it when I see it," he said. "I got the promises
again yesterday, but I got the promises in 2018. I don't want to be
back in 2020 listening to the same wash, rinse and repeat."
Write to Drew FitzGerald at andrew.fitzgerald@wsj.com and Sarah
Krouse at sarah.krouse@wsj.com
(END) Dow Jones Newswires
January 11, 2019 14:52 ET (19:52 GMT)
Copyright (c) 2019 Dow Jones & Company, Inc.
T Mobile US (NASDAQ:TMUS)
Historical Stock Chart
From Mar 2024 to Apr 2024
T Mobile US (NASDAQ:TMUS)
Historical Stock Chart
From Apr 2023 to Apr 2024