Home / Business / Big Telecom sells highly sensitive customer GPS data typically used for 911 calls

Big Telecom sells highly sensitive customer GPS data typically used for 911 calls

This is a recent message. You can read our full investigation here.

According to Motherboard, around 250 bounty hunters and related companies had access to AT & T, T-Mobile and Sprint location data. The documents also show that telecommunications companies have sold data to be used by 911 operators and first responders to data aggregators who sold them to bounty hunters. In some cases, the data was so accurate that a user could be tracked in certain places within a building.

The news not only shows how far the Americans' sensitive location data has been sold on the overlooked and questionable data brokerage market, but also how ease of use dramatically increases the risk of abuse. The motherboard found that a single company had more than 1

8,000 data location requests through a data broker. other companies have made thousands of inquiries. The full details of our investigation can be found here.

"This scandal is getting worse. The carriers insured that the location tracking of violations was a single incident. Well, it seems hundreds of people have been able to follow our phones, and they've been doing it for years before anyone else got involved in the mobile phone companies, "Senator Ron Wyden said in an e-mail describing Motherboard's findings , "This is more than an oversight – it is an obvious, arbitrary disregard for the safety and security of the Americans."


A screen that the motherboard of a phone has found about its GPS data. The motherboard has blurred and cut off parts of the image to protect the privacy of individuals. Image: Motherboard [19659007] At least in 2012, by the end of 2017, the now-defunct data vendor named CerCareOne was able to extract the real-time location of AT & T, T-Mobile, and Sprint mobile phones from bounty hunters, bailiffs, and bailiffs The company's trusted source sometimes charged the company up to $ 1,100 per telephone location. Motherboard shared this anonymity with a number of sources to provide details on a controversial industry practice.

Some of the data available to CerCareOne cu Storms included "assisted GPS" or "A-GPS" data from a telephone based on active service documents and screenshots provided by two independent sources. A-GPS is a technology used by first responders to locate 911 callers in emergency situations. In a letter to the Federal Communications Commission by a lawyer from T-Mobile in 2013, it was found that "A-GPS is a reasonable basis for the location of the wireless [9119016] 911 for indoor and outdoor locations."

"A-GPS often provides information about where someone is in a building ," Laura Moy, executive director of the Center on Privacy & Technology at the Georgetown University Law Center, told e-mail to motherboard Blake Reid, Associate Clinic Professor at Colorado Law, said in an email to Motherboard, "With Assisted GPS, your location can be triangulated within a few feet, so you can make a detailed record of all the places you're traveling."

"The only reason we give carriers any access to this information is to ensure that first responders use us in the emergency You can find it. "Reid added. "When airlines turn and use this access to sell information to bounty hunters or to anyone else, it is a shocking misuse of the trust that the public places in them to protect privacy while protecting public safety protect."

Both Reid and Moy said this was the first time a telecommunications provider had sold A-GPS data of which they had heard.

Do you have a tip? You can safely contact this reporter by calling +44 20 8133 5190, OTR Chat at [email protected] or by e-mailing [email protected]

Sprint spokesman has not done so Answer directly whether the company has ever sold A-GPS data. When asked if T-Mobile sold A-GPS data, a company spokesperson said in an email to Motherboard, "We have nothing to add at this time." AT & T did not respond to a request to clarify whether it has sold or sold ever-sold A-GPS data.

A list of motherboard-requested use of the Phone Locator service by a particular customer spans 450 pages, with more than 18,000 individual phone location requests in just over a year. The deposit firm that filed the petitions – referred to in the industry as phone pings – did not answer the question of whether they had received permission to locate the phones or what the pings were intended for.

"The extent of this abuse is outrageous," said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation's campaign, in an email to motherboard.

Subscribe to our new cybersecurity podcast CYBER.

Source link