On Thursday, AT & T announced it was stopping the sale of its customers' real-time location data to all third parties, in response to a motherboard investigation from AT & T, T-Mobile, and Sprint trickled down through a complex The hands of bounty hunters and people unauthorized to handle it.
Google, the Google Fi program offering phone, text, and data services that use T-Mobile and Sprint's network infrastructure in the United States, Motherboard said that it did not share its customers 'data with third parties.
"We have never sold any subscribers' location information," a Google spokesperson said. "Google Fi is a Mobile Virtual Network Operator (MVNO) and not a carrier, but as soon as we hear about this practice, we need our network partners to shut it down as soon as possible." Google did not say when it made this a requirement.
An MVNO is a company that provides the usual telecommunication services such as calls and texts, but which uses infrastructure from a telco carrier. Launched in 201
In Motherboard's investigation, the phone has been found to be on the T-Mobile network. The data accessed through a web of different companies, starting with T-Mobile which sold to a so-called location aggregator named Zumigo. Zumigo then sold the access to Microbilt, a firm which offers telephone location services to the bounty hunter industries as well as other sectors. Motherboard with a Google Maps screenshot showing the location of the phone itself. 500m, enough to, in our case, correctly located to a specific area of Queens, New York.
T-Mobile had previously identified it as "its relationships with location aggregators". In tweets posted in response to Motherboard's story T-Mobile CEO John Legere reiterated that the company is continuing to ramp down all of its location aggregator contracts.
Sprint Has not responded to T-Mobile and AT & T and shut down all location aggregator access. T-Mobile and Sprint, T-Mobile and Sprint, have announced that they have stopped working on their phones Sprint to shut down the sale of customers 'data, rather than the telcos' customers more widely.)
Got a tip? You can contact Joseph Cox on sound on +44 20 8133 5190, OTR chat on firstname.lastname@example.org, or email email@example.com.
This is not the first time against location aggregators. Last year Senator Ron Wyden and The New York Times LocationSmart What does it mean? In Response, AT & T, Verizon, T-Mobile, and Sprint cut access to Securus, the company that acts as a middleman between LocationSmart and the end users. Since then, the companies have continued to provide location data for other purposes, such as to roadside firms for locating stranded customers for fraud prevention.
On Thursday Verizon told The Washington Post it is winding down its own four remaining location aggregator contracts, which are all with roadside assistance companies. After that, customers want to give Verizon permission to share their location with the firm. Verizon has not responded to Motherboard's multiple requests for comment over the past week.
Motherboard's investigation found there is still room for abuse with location aggregators. Thats new steps, T-Mobile and AT & T say, see them cutting off the sale of location data to all third parties.
"For the second time in six months, carriers are pledging to stop sharing American's location with middlemen without their knowledge," Wyden told Motherboard Thursday. "I'll believe it when I see it. Carriers are always responsible for putting their customers data-it's not enough to blame for misuse on downstream companies. "
Subscribe to our new cybersecurity podcast, CYBER.