The FCC says it found that carriers “sold access to their customers’ location information to ‘aggregators,’ who then resold access to that information to third-party location service providers.” The agency claims that operators have effectively “attempted to abdicate” their responsibility to obtain customer consent to share their location data with “downstream recipients.” Even after being informed of the problem, the FCC says, carriers still did not limit access to the information.
Fines vary depending on carriers. T-Mobile faces the biggest with $80 million. Sprint, which has merged with T-Mobile since the investigation began, faces a fine of $12 million. AT&T faces the second largest fine at around $57 million, followed by Verizon at around $47 million. T-Mobile and Verizon’s fines are actually lower than what was initially proposed by the agency based on their responses to the FCC’s initial notice.
AT&T spokesman Alex Byers said the FCC’s action “lacks legal and factual basis.” This unfairly holds us responsible for another company’s violation of our contractual requirements for obtaining consent, ignores the immediate steps we took to address that company’s failures, and perversely punishes us for supporting vital location services like emergency medical alerts and roadside assistance that the FCC itself previously encouraged. We plan to appeal the order after conducting a legal review.
Verizon spokesman Richard Young said the company took swift action when “a malicious actor gained unauthorized access to information relating to a very small number of customers.” He said the central issue involved “an old program that Verizon shut down more than five years ago.” Young added that the FCC’s order “gets both the facts and the law wrong, and we plan to appeal this decision.”
T-Mobile declined to provide an official response in accordance with Our policy.
