Broadcasting antenna and blue sky

A data privacy scandal of far greater magnitude than Cambridge Analytica was reported this month, and while it gets worse with each new emerging detail, it’s getting nowhere near the same coverage.

As reported by Slate, the four largest wireless carriers in the U.S. (AT&T, Verizon, Sprint, and T-Mobile) have been tracking each and every one of their customers in possession of one of their devices, even when GPS and Wi-Fi were disabled. This fact alone is worthy of concern for anyone worried about privacy. A similar Google policy has elicited calls from Congress for an FTC investigation.

Adding another log to the fire was the revelation from the New York Times that a company called Securus Technologies offered a service that provided the real-time location of anyone with a device distributed by all four companies. This data creeping was made possible by a company called LocationSmart, which offered unfettered location access through its website, free of cost.

To recap: If you live in the U.S. and have a cell phone, not only were you most likely being tracked in real-time by your provider, and your location data was offered to at least one other service that made that data available to paying customers.

The Third Certainty

Securus got hacked. It’s a near certainty that this will happen to companies–whether or not they have good privacy practices. The user credentials of roughly 2,800 users, mostly in law enforcement, were available online, along with the information of everyone they happened to be tracking. Whoops.

Senator Ron Wyden (OR) was not happy, “The threats to Americans’ security are grave. A hacker could have used this site to know when you were in your house so they would know when to rob it. A predator could have tracked your child’s cell phone to know when they were alone. The dangers from LocationSmart and other companies are limitless.”

You can read an overview of the story here, and Sen. Wyden’s letters to the FCC and wireless carriers here.