Governance & Risk Management , Privacy

Democrats Pose Phone Data Privacy Questions to FCC

Congressional Letter Criticizes FCC for Not Enforcing Communications Act
Democrats Pose Phone Data Privacy Questions to FCC
(Source: FCC)

Democratic members of the House Energy and Commerce Committee sent a letter to the Federal Communications Commission on Friday demanding that it do more to enforce the Communications Act following a report about wireless carriers giving phone data to third-party aggregators.

See Also: How Enterprise Browsers Enhance Security and Efficiency

The letter is the latest step in an ongoing dispute between the committee and the FCC related to reports that several of the country's biggest carriers, including AT&T, Verizon and T-Mobile, were giving real-time location data to third-party companies.

This real-time location data, which enables wireless carriers to know where smartphones and other mobile devices are located, can also be used to pinpoint where the user is.

In the letter, Democratic committee members accuse the FCC of failing to enforce privacy provisions in the Communications Act following a 2018 report that several major wireless carriers were giving real-time phone location data to third parties. These companies then sold that information to other firms without the consent of customers, according to the letter.

A 2018 New York Times report found some wireless carriers were sharing this data with Securus Technologies, a provider of phone services for prison inmates. In turn, some law enforcement officers and others used other services that Securus provides to track U.S. citizens. These services can find the location of almost any cellphone by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, according to the Times.

The Times story raised serious concerns about how third-party companies were using personal information, including real-time location data, from these carriers without the consent of the users, according to the letter.

"These aggregators were then selling location-based services to a wide variety of companies, without the consent or knowledge of the affected customers," according to the letter, which was signed by 11 committee Democrats, including Frank Pallone Jr., D-N.J., the chairman.

“We eventually learned how widely this location data was shared and the ease with which the information could be obtained from private companies, including by bounty hunters,” the letter adds.

The letter asks FCC Chairman Ajit Pai to respond by Nov. 29. A spokesperson the commission could not be reached for comment on Monday.

FCC Criticized for Inaction

Although the wireless carriers have stopped sharing data with these third-party aggregators, the FCC should do more to ensure privacy is protected, the letter states.

The letter adds that the FCC, which previously announced it was investigating the issues, is running out of time to take disciplinary action against the carriers because the statute of limitations regarding these violations only lasts for a year and time is about the run out.

"On several occasions, committee members have made it clear that the FCC must act expeditiously to fulfill its obligation to protect consumers’ privacy interests and hold carriers accountable to the extent they have violated the FCC’s rules," the letter notes.

Security Concerns

Back in January, Pallone wrote a letter to the FCC asking for an emergency briefing on the issue of carriers giving phone location data to third parties, citing concerns over public safety and national security.

In that letter, Pallone wrote that bad actors could use location information to track individuals’ movements without their knowledge or consent.

"If the recent reports detailing the cheap, accurate and easy accessibility of legally protected, real-time location data are true, we must work expeditiously to address these public safety concerns," Pallone wrote.

But that requested briefing apparently never took place. In February Pallone and Doyle wrote another letter to the FCC and Pai seeking documents about why the emergency briefing was not scheduled.

Over the last several months, the House Energy and Commerce Committee has held hearings about consumer privacy and how companies use the data that they collect from U.S. citizens.

Earlier this month, some House members started to push for a federal privacy law that would curb the ability of companies to collect data from American citizens without getting consent first (see: Bill Would Create a Federal Digital Privacy Agency).

About the Author

Apurva Venkat

Apurva Venkat

Special Correspondent

Venkat is special correspondent for Information Security Media Group's global news desk. She has previously worked at companies such as IDG and Business Standard where she reported on developments in technology, businesses, startups, fintech, e-commerce, cybersecurity, civic news and education.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.