Communications Daily is a Warren News publication.
T-Mobile Plans Fight

3 FCC Members Concerned About Fines Against Carriers for Alleged Privacy Violations

The FCC handed down proposed fines Friday against the four national carriers for failing to safeguard data on their customers' real-time locations (see 2002270063). T-Mobile faces the biggest at more than $91 million, followed by AT&T, $57 million; Verizon, $48 million; and Sprint, $12 million. FCC Chairman Ajit Pai announced during the news conference after the commissioners’ meeting that the notices of apparent liability had been approved and would be issued shortly (see 2002280040). Three commissioners raised questions about the FCC approach, including in media Q&A with us.

Sign up for a free preview to unlock the rest of this article

Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!

Commissioner Mike O’Rielly told reporters he had concerns, though he voted for the NALs. “There’s enough material to do a NAL” but the FCC has more work to do, he said. “I have some deep concerns about the investigations, the fulsomeness of what’s been explored,” he said. Commissioner Brendan Carr also said he voted yes. Commissioners Geoffrey Starks and Jessica Rosenworcel indicated they believe the FCC didn’t go far enough and waited too long to act.

T-Mobile plans to dispute the NAL and associated fine. “When we learned that our location aggregator program was being abused by bad actor third parties, we took quick action,” spokesperson emailed: “We were the first wireless provider to commit to ending the program and terminated it in February 2019 after first ensuring that valid and important services were not adversely impacted.” Sprint is reviewing the NAL, a spokesperson said. AT&T was waiting for release of the order. Verizon didn't comment.

Your carrier needs to know where you are to complete your calls,” said Commissioner Geoffrey Starks. “I cannot fully support this action, however, because somewhere in this long-delayed investigation we lost track of the consumers we are charged with protecting.” The FCC “should have determined the number of customers impacted by these abuses and based our forfeiture calculations on that data -- calculations that would have been possible if we had investigated more aggressively,” he said.

The "investigation is a day late and a dollar short,” said Commissioner Jessica Rosenworcel. “The FCC kept consumers in the dark for nearly two years after we learned that wireless carriers were selling our location information to shady middlemen. There are more than 270 million smartphones in service in the United States and this practice put everyone using them at a safety risk.”

The Enforcement Bureau opened this investigation following "public reports that a Missouri Sheriff, Cory Hutcheson, used a ‘location-finding service’ operated by Securus, a provider of communications services to correctional facilities, to access the location information of the wireless carriers’ customers without their consent between 2014 and 2017,” the FCC said: “In some cases, Hutcheson provided Securus with irrelevant documents like his health insurance policy, his auto insurance policy, and pages from Sheriff training manuals as evidence of his authorization to access wireless customer location data.”

House Commerce Committee Chairman Frank Pallone, D-N.J., found little to praise. The commission confirmed “what I have said” since first pressing for House Commerce scrutiny in 2018 (see 1805240073), Pallone said. The carriers “have a duty to protect consumers’ real-time location data and the FCC must enforce the law in order to protect the personal safety of consumers across the country.” Pallone and other House Communications Subcommittee members repeatedly pressed the FCC to expedite its probe (see 1912050043).

Pallone is “glad the FCC is finally proposing fines for this egregious behavior,” but “it represents little more than the cost of doing business for these carriers. Further, the Commission is still a long way from collecting these fines and holding the companies fully accountable.”

Instead of [meeting] its obligation to come down hard on the wireless carriers that are guilty in this case, the FCC dragged its feet and issued penalties that let these companies off easy,” said Sen. Ed Markey, D-Mass. “You deserve better.” The FCC “has known that companies were selling real-time location information that could reveal where you live and work,” he said. “This compromise of our trust and personal information isn’t just a creepy, abstract privacy risk, it is a direct threat to consumers’ physical safety.”

Despite clear evidence of ongoing commercialized privacy invasions and real risks to individual safety, the FCC has done nothing to curb these practices,” the Center for Democracy & Technology said: “These penalties are too little and too late.”

Free Press said the FCC should have moved more quickly and come down harder on the carriers. “The carriers have shown an egregious contempt for the law,” said Senior Policy Counsel Gaurav Laroia. “The Communications Act plainly lists location data as the kind of private information that carriers have a duty to protect and are forbidden to sell without their customers’ permission. Yet the companies showed complete disregard for the law and for our safety in pursuit of a few extra dollars.”