The four major MNOs each face the threat of a weighty fine, collectively totalling more than $200 million, for helping third parties stalk customers.
Thanks to all four of the national US telcos selling customer location data to third parties over a sustained period of time, the FCC has proposed fines supposedly proportionate to the impact. While there are justified and responsible means for third party companies to use telco location data, this was certainly not one of them and the telcos have been found guilty of not protecting the data privacy rights of customers.
“American consumers take their wireless phones with them wherever they go,” said FCC Chairman Ajit Pai. “And information about a wireless customer’s location is highly personal and sensitive.
“The FCC has long had clear rules on the books requiring all phone companies to protect their customers’ personal information. And since 2007, these companies have been on notice that they must take reasonable precautions to safeguard this data and that the FCC will take strong enforcement action if they don’t. Today, we do just that.”
The proposed fines are as follows: AT&T is potentially liable for $57,265,625, Verizon $48,318,750, T-Mobile US $91,630,000 and Sprint $12,240,000. What is worth noting is that it appears the investment community has been buoyed by the figures presented by Pai.
|Telco||Price at close Friday 28 February||Price at time or writing (pre-market trading)|
|AT&T||35.22 (-1.43%)||35.66 (1.25%)|
|Verizon||54.16 (-1.63%)||54.52 (0.66%)|
|T-Mobile US||90.16 (-1.18%)||91.05 (0.99%)|
|Sprint||9.19 (-1.08%)||9.35 (1.74%)|
The final hours of trading for the telcos were hardly the most profitable for the industry, though as the proposed fines emerged over the weekend there has been recovery. There may well of course be other factors, but it does appear the investment community believed these fines could have been larger.
Privacy red flags were raised here following an article in the New York Times which claimed a Missouri Sheriff named Cory Hutcheson was making use of location finding services from Securus without the appropriate legal authority. Instead of uploading documents such as a search warrant, irrelevant documents were uploaded such as health insurance policies and pages from Sheriff training manuals. What soon emerged from the eventual investigation was a slurry of abuse and the development of a nefarious industry.
“This investigation is a day late and a dollar short,” said FCC Commissioner Jessica Rosenworcel.
“Our real-time location information is some of the most sensitive data there is about us, and it deserves the highest level of privacy protection. It did not get that here – not from our nationwide wireless carriers and not from the Federal Communications Commission. For this reason, I dissent.”
While it is hardly unusual for Democrat Rosenworcel to oppose the actions of a Republican controlled FCC, there is a valid point being made, despite it being somewhat lost in the immaturity of US politics. Firstly, the fines probably do not match the profits made or negligence from the telcos. Secondly, Pai elected to ignore action for far too long. And finally, the amount of redacted information in the documents blur the picture, protecting the reputations of the guilty telcos.
Commissioner Geoffrey Starks, another Democrat, has painted another very similar gloomy picture, also choosing to dissent to large swathes of the FCC process. The condemning tone is hardly surprising, but the FCC does not look the most competent coming out of this saga.
When the initial suspicions were raised, nothing was done. When it appeared the practice was still largely continuing, actions were meek. The investigation took too long and the fine does not necessarily look proportionate. Not only did these telcos mislead the regulator, they broke the law, lied to customers and profited for at least five years from the practice.
Under the leadership of Ajit Pai, the FCC has taken a much more hands-off approach to regulation of the telco industry, allowing business to be business. But there are more and more examples of private industry, not just the telcos, demonstrating they are not responsible enough to act independently within the parameters of responsibility.