After pressure from the top Democrat on the Senate Finance Committee, four top telecommunications companies pledged to end contracts with a firm that gathered data on users’ locations and sold it without their consent.
The Federal Communications Commission in May launched an investigation into Securus Technologies, a company that provides telephone services for prisons, after learning the firm was giving the federal government location information purchased from major wireless carriers. Sen. Ron Wyden of Oregon, who initially pressured the agency to launch the review, asked Federal Communications Commission Chairman Ajit Pai to recuse himself from it due to a prior involvement with Securus.
Top telecommunications firms said Securus was obtaining data from 3cInteractive Corp., which received the information from location aggregator LocationSmart. After receiving inquiries on the matter from Wyden, Verizon Wireless said it was terminating existing agreements it has with both LocationSmart and Zumigo, a firm that also sells location data to companies.
“This termination, however, must be completed in careful steps so as not to disrupt beneficial services being provided using customer location data,” Verizon Chief Privacy Officer Karen Zacharia wrote in a letter sent on Friday. “In the interim, Verizon will not authorize any new uses of location information by either LocationSmart or Zumigo or the sharing of location information with any new customers of these existing aggregators.”
AT&T also said it would end its partnership with Securus and suspended the firm’s access to its customer-location data.
“We are actively investigating the extent to which Securus may have obtained unauthorized access to AT&T customer location data, and we are pressing Securus to provide greater cooperation than they have to this point,” Executive President Timothy McKone wrote.
The Wall Street Journal reported that Sprint will also end its partnerships with the firms.
T-Mobile chief executive officer John Legere said in a Twitter post that the company wouldn’t sell customer-location data inappropriately. A spokesperson didn’t immediately respond to a request for more detail.
Spokespersons for Securus and 3cInteractive did not respond to request for comment.
A spokesman for LocationSmart denied allegations the firm allows unauthorized access to users’ location information said the company is working with wireless carriers “to ensure that mobile device user access to important services are maintained and that user privacy is treated with the utmost priority.”
In an emailed statement, Zumigo said it would “be working with mobile carriers to collaboratively transition to an alternative way to collect and use data for the purposes of anti-fraud protections.”
The decisions come as Congress focuses on privacy issues after Cambridge Analytica, a consultant on President Trump’s 2016 campaign, improperly obtained data on 87 million Facebook users. The social media firm has also faced scrutiny over its partnerships with mobile device manufacturers, which allowed the companies to access data without explicit consent from users and their friends.
The arrangements with the telecommunications providers allowed LocationSmart and Zumigo to share real-time locations with businesses, such as banks that were monitoring potential credit card fraud. The four carriers said information was only shared after users opted in to the service.
