Security News > 2024 > April > FCC fines carriers $200 million for illegally sharing user location
The Federal Communications Commission has fined the largest U.S. wireless carriers almost $200 million for sharing their customers' real-time location data without their consent.
The fines imposed on Monday include $12 million for Sprint and $80 million for T-Mobile, more than $57 million for AT&T, and an almost $47 million fine for Verizon.
Despite being informed of the unauthorized access, all four carriers continued to operate their programs without reasonable safeguards to ensure that location-based service providers with access to customers' location information obtained consent.
During the investigation, the FCC's Enforcement Bureau found that each of the four mobile carriers sold their customers' real-time location data to "Aggregators," who then resold this information to third-party location-based service providers, revealing where the customers were going and who they were.
Each carrier attempted to offload its obligations to obtain customer consent onto downstream recipients of location information, which in many instances meant that no valid customer consent was obtained," the FCC said.
According to section 222 of the Communications Act, U.S. wireless carriers must take reasonable steps to safeguard specific customer data, such as location information.