back to article Senator Wyden goes ballistic after US telcos caught selling people's location data yet again

US Senator Ron Wyden is renewing his calls for legislation banning the sale of people's private cellphone location information after yet another report of phone carriers doing exactly that. The Oregon Democratic Senator claimed major telcos and their executives, including T-Mobile US CEO John Legere, lied to him last year when …

  1. Anonymous Coward
    Anonymous Coward

    Promises apparently didn't pay as well.

    1. TheVogon Silver badge

      Maybe they could have some sort of law about data privacy to stop this sort of stuff? They could call it GDPR!

      1. Prst. V.Jeltz Silver badge

        I am flabbergasted that selling that info isnt breaking some existing retail customer confidentiality laws.

        Maybe thats all goodwill and promises in the US too

        1. LucreLout Silver badge

          I am flabbergasted that selling that info isnt breaking some existing retail customer confidentiality laws.

          I don't understand how its possible for a retailer to sell to all and sundry, information that would require law enforcement to obtain a warrant. Am I missing something here?

          1. Peter2 Silver badge

            Yes. Law enforcement isin't paying them for it and wants it for FREE. The warrant forces the provider to provide the information without payment.

            No doubt a sufficiently large cash payment would result in the same information being handed over. I'd suggest crowdsourcing a few million and buying the information of people in your government and start publishing what they do and where they go, laws will be passed to deal with the problem very, very quickly.

            1. Prst. V.Jeltz Silver badge

              way to miss the point.

              We are talking about the data being handed to all and sundry , not the authorities, irrelevant of wether cash is changing hands.

              Can an aspiring burglar go the local travel agent and buy a list of names, addresses and holiday times of their customers?

          2. PacketPusher

            No Warrant Required

            The US courts have ruled that law enforcement access to customer location data does not require a warrant. Other meta data such as when phone calls are made and to what number also does not require a warrant. Generally, only the content of the communication (texts, voice, etc.) requires a warrant.

            1. PeterKr

              Re: No Warrant Required

              This is completely false.

              https://www.reuters.com/article/us-usa-court-mobilephone/supreme-court-rules-warrants-required-for-cellphone-location-data-idUSKBN1JI1WT

              1. Yet Another Anonymous coward Silver badge

                Re: No Warrant Required

                Unless it's for national security, or covered by an existing "all customers all places at all times" warrant, or they are at the border (ie within 100mi of the coast, border or an international airport).

                Of course if you break these laws you can expect a swift and decisive pardon

  2. GnuTzu Bronze badge
    Unhappy

    Re-seller

    I'm using one of the budget services, and I just realized how likely that makes it that my data is being sold. And, since they are a re-seller, it makes me wonder if my data is being sold twice over. I feel like lining them up like Larry and Curly and double slapping them the way Moe used to do.

    1. Jim Mitchell

      Re: Re-seller

      I'm not sure the network operators (Verizon, Sprint, etc) give the resellers (MVNOs) enough access to have the location data in question. Even if they did, they'd probably charge them for it, anyways.

    2. DougS Silver badge

      Re: Re-seller

      In today's world I just assume my phone can be tracked by my carrier, and that isn't going to change regardless of who I choose. If there were real privacy protection then I might choose my provider more carefully, and be willing to pay more for a greater assurance of privacy like I do with my phone. There will never be 100% privacy protection (even if you assume companies always keep to the letter of their privacy policies) but some is better than none.

      The current situation with cell companies is far worse than with phones - while Google collects every detail about your life they don't directly sell that info to third parties they only allow effectively allow its use by using it to target their ads. If you're wanted by a bail bondsman, they can't get Google to tell them where you are (i.e. where your Android is) but it seems they can with all the major cellular companies in the US. That's bad. Very bad.

      1. Rajesh Kanungo

        Re: Re-seller

        An MVNO uses a regular carrier. I would not be too sure that the carrier is not able to get to your whereabouts. You are still using the carriers' towers.

        1. Michael Wojcik Silver badge

          Re: Re-seller

          An MVNO uses a regular carrier. I would not be too sure that the carrier is not able to get to your whereabouts.

          That's not in dispute. The question is whether MVNOs can also get your location data (via their agreement with the carrier) and thus also sell it. I'm not sure that's any worse (the carriers are happy to sell it to all comers, so it's not like the MVNOs would be increasing the supply), but it's conceivable that an MVNO might be able to undercut the carrier's price, or might be more likely to lose the data in a breach.

          Personally, I suspect the MVNOs don't have access to the data, unless they buy it at the going rate from the carrier, so there's no additional exposure. But that's just a guess.

      2. Snowy
        Facepalm

        Re: Re-seller

        Your phone has to be tracked by your carrier, how else are you going to make and receive calls. The problem comes when they sell this data!

        1. DougS Silver badge

          Re: Re-seller

          Or store the data, or leak the data. Once the call is over they no longer need it, there is ZERO reason for them to save it. For billing they can save the general area (city you are calling to/from) like paper phone bills used to back in the day (I haven't looked at mine for ages since I have unlimited calling, so I don't know what it lists tbh) there's no reason they need to save which tower in NYC you were calling from for billing purposes.

          1. Anonymous Coward
            Anonymous Coward

            Re: Re-seller

            Once the call is over they no longer need it, there is ZERO reason for them to save it

            Except for making money. They were salivating on that 10 years ago, nothing has changed now. You can have a look at the relevant articles in the industry press around the GSMA location API and the various alternatives being promoted at the time (*).

            I made myself very "popular" at the time when I explained several people in a networking vendor (at VP level) the exact amount of policy that needs to be applied to such APIs in the long term and how PCRF does not come anywhere near that.

            (*)I have stopped following that topic (mobile core API exposure) quite deliberately 5+ years ago on the grounds that the shit in that area piles up so high and so fast that no wings can keep you from getting dunkin'..

          2. Anonymous Coward
            Anonymous Coward

            Re: Re-seller

            The data could be useful later on for technical troubleshooting SLAa etc (In the UK Orange used to give you money back if your call was dropped due to a bad connection). That data can then be summarised and anonymised after a short while based on their retention policy.

            The issue is that if they have that data they will sell it, however it they say they won't sell it or there is legislation to stop them doing it then they don't need to delete it if it is properly managed. If they sell it anyway then they probably wouldn't delete it if they said they did.

      3. Eddy Ito Silver badge

        Re: Re-seller

        Don't forget that all these new connected cars also have connections that can be tracked. Presumably that location data would also be available to chop shops repo companies should they have a desire for your car you miss a payment.

    3. veti Silver badge

      Re: Re-seller

      You seem to think that paying a premium rate might make it less likely that your data would be sold. I don't see what you base that on, at all.

      1. GnuTzu Bronze badge

        Re: Re-seller

        You're right. The presumption was that the budget rate was fortified by selling the data, but surely paying a premium rate doesn't change the value of the data or the willingness of a for-profit company to use it. Points to you.

    4. Prst. V.Jeltz Silver badge
      Trollface

      Re: Re-seller

      Well , if you're all that paranoid , you could just use a burner phone - like real criminals do...

      1. DropBear Silver badge

        Re: Re-seller

        That won't necessarily help you. Granted, they probably won't be able to look it up simply punching in your name, and I certainly have no idea exactly how the data access interface is structured, but your "burner phone" could easily be tied to your address where you presumably keep it (or at least the general area) and/or continued proximity to some other handset or location you _are_ on record with. So unless you are willing to never use your "burner" at places that can be related to you, and never take any other phones with you whenever you go to retrieve and use it, you might still be on hook. And that's way too far into "LARPing a drug dealer" for pretty much any sane person.

  3. DougS Silver badge

    Instead of piecemeal legislation

    I sure wish there was a way to get real privacy protection. It doesn't do you a whole lot of good if only telcos are restricted from selling location data - no doubt some "tough on crime" senator will tack on an amendment allowing it to be made available to law enforcement without a warrant, because you have nothing to fear if you aren't guilty of something.

    What about Google and Apple? What about Facebook and Twitter? What about the million other apps on the App/Play stores that may collect location info? What about Ford and Toyota? What about future wearables which could be almost anything, including maybe even stuff that's a permanent part of you? Some of this (e.g. Facebook) may be thought of as optional, but you'd have to be a committed Luddite to avoid the use of ANY possible location gathering device in your life.

    It shouldn't even be allowed for this information to be collected, unless you specifically opt in via free choice. Google and Ford have no more right to this info - even if they keep it to themselves and don't sell it - than T-Mobile does.

    1. Rajesh Kanungo

      Re: Instead of piecemeal legislation

      The trouble in the US is that this is all you can hope for.

    2. croc

      Re: Instead of piecemeal legislation

      I hear that the south of France is nice this time of year....Not part of Five Eyes, either. Nice. The town, that is....

    3. JohnFen Silver badge

      Re: Instead of piecemeal legislation

      "I sure wish there was a way to get real privacy protection"

      Me too, but I think that's a pipe dream (at least in the US). The only people who want that sort of thing are users, and what users want doesn't really matter much.

      1. Anonymous Coward
        Anonymous Coward

        Re: Instead of piecemeal legislation

        Hey John, it will also be a pipe dream for us in the UK once we leave the EU.

        I hope those brexitters have nothing to hide.

      2. DropBear Silver badge

        Re: Instead of piecemeal legislation

        "The only people who want that sort of thing are users, and what users want doesn't really matter much."

        That's actually a damn good concise sum-up of democracy in general.

  4. Anonymous Coward
    Anonymous Coward

    Just

    Needs a bigger brown envelope. It'll all go away.

    America. Home of the vested interest and, since Trump especially, a banana republic

    1. A.P. Veening

      Banana republic

      It isn't even a republic any more except in name, nobody is working for the public cause (res publica).

      1. Anonymous Coward
        Anonymous Coward

        Re: Banana republic

        So - just a banana?

    2. devTrail

      Re: Just

      America. Home of the vested interest and, since Trump especially, a banana republic

      Why since Trump? Do you think they went to war against ex-Jugoslavia, Iraq, Afghanistan, Syria and Yemen on behalf of the people? If you think that Trump signals any difference with the past it means you are paying too much attention to the appearance.

      1. JohnFen Silver badge

        Re: Just

        You're right, this isn't new. But under Trump, this sort of thing has been put on steroids.

      2. Michael Wojcik Silver badge

        Re: Just

        "Things were bad previously, so they can't possibly be worse now."

  5. DougS Silver badge

    The GSM/LTE call protocol may be an even bigger risk

    Someone please correct me if I'm wrong, because if this is true (seen on Slashdot, so I don't know) then it may not help much to block cellular companies from selling this info. If I have a cellular modem with an AT&T SIM, apparently I can call any AT&T subscriber and when their phone rings I'll get a packet back indicating the CELLID they are currently using. That would give a ballpark location estimate (within maybe 100m in a city, or a km or two in rural areas) using one of the free sites showing GPS coordinates for a given CELLID.

    In a city that's easily enough for a stalker to tell if you are home, at work, at the gym etc. assuming they are spread out a bit. For a jealous spouse to determine you are not where you said you were. For a terrorist/assassin to determine a specific target is at the right location to set off the bomb. Maybe it will take the latter to happen before someone seriously considers the protocol security as a risk?

    1. DougS Silver badge

      Re: The GSM/LTE call protocol may be an even bigger risk

      Should add this works with any carrier, it isn't specific to AT&T, but it seems the cellular modem and target's SIM have to both use the same carrier.

    2. Mark 85 Silver badge

      Re: The GSM/LTE call protocol may be an even bigger risk

      For a terrorist/assassin to determine a specific target is at the right location to set off the bomb. Maybe it will take the latter to happen before someone seriously considers the protocol security as a risk?

      You are probably correct on this. And after legislation passes, the companies will raise their rates because this particular income source has been cut off. Then they'll tack on a "national security" charge in the name of "keeping you safe" and also adding to the profit. Maybe I shouldn't have posted this, it will give them ideas.

      1. DougS Silver badge

        Re: The GSM/LTE call protocol may be an even bigger risk

        I'm fine with that - pay more for privacy. Hell don't make it mandatory, just mandatory to offer and I'll pay more for it and the "nothing to hide, nothing to fear" crowd can save money.

        1. SMITCH79

          Re: The GSM/LTE call protocol may be an even bigger risk

          No No No.

          Then privacy becomes a social/economic issue. Those who can pay have their privacy respected and those who can't, well if you can't sell their data (because of the economic group you are in) you have to find other nefarious uses for it.

          Its ok, people with limited money have had it soooooo easy over the last few years. </sarc>

          All the time companies are salivating to get their hands on the data of the people who pay for privacy so over time it becomes erroded back to the state it is today. Bit by bit.

          1. JohnFen Silver badge

            Re: The GSM/LTE call protocol may be an even bigger risk

            "Then privacy becomes a social/economic issue. "

            I think we're already there. Right now, it's much, much easier to have actual privacy if you're wealthy. If you're poor, it simply isn't an option.

  6. Anonymous Coward
    Anonymous Coward

    The bigger issue

    How available is users location data to other other nation-state actors?

    My main concern other than privacy related is military members carrying around cellphones that transmit their location and other data.

    https://www.theregister.co.uk/2018/01/29/strava_heatmap_military_base_locations/

    I was reading an article about the US president making a "surprise" visit to soldiers in a combat zone in Iraq that was qoute: "shrouded in secrecy".

    https://www.nytimes.com/2018/12/26/us/politics/trump-iraq-troops-visit.html

    The thing that struck me most about all the photos realeased of his visit was all the soldiers holding up their cellphones taking photos and selfies with the president.

    Obviuosly I have no idea if any of the cellphones have access to any data or wifi connections or if the base(s) have something similat to Chinas "great firewall" but from reading other articles about the woeful state of military tech security I doubt it.

    I think there could be a market for a cellphone that had HARDWARE switches to enable/disable sensors, GPS, WIFI etc. Perhaps a series of tiny dipswithches underneath the REMOVABLE battery or something similar.

    (I also think senator Wyden should be promoted and given special powers to oversee tech compamies as he seems to be the ONLY elected official that has a clue about technology)

    https://www.businessinsider.com.au/steve-king-asks-google-ceo-iphone-democrats-laugh-2018-12

    1. LoPath
      Coat

      Re: The bigger issue

      Back in my day, we weren't allowed to use any cell phones while deployed. I'll grab my coat when you GET OFF MY LAWN!

    2. ST Silver badge

      Re: The bigger issue

      >My main concern other than privacy related is military members carrying around cellphones that transmit their location and other data.

      Their info will be slurped and sold just like everyone else's. Which is, indeed, a major OPSEC problem.

      If Congress was in any way serious about the collection and sale of PID, including location tracking, they would make the practice illegal based on exactly what you mentioned. But they aren't serious.

    3. Vincent Ballard
      Coat

      Re: The bigger issue

      The two privacy gotchas I saw in the newspapers at the time were (1) the "shrouded in secrecy" visit was leaked several hours in advance when a plane-spotter in Yorkshire recognised Air Force 1's livery overhead; (2) the President posted a selfie naming the special forces unit he was with and without concealing the soldiers' faces, in violation of convention.

  7. FozzyBear Silver badge
    Coffee/keyboard

    Oh the Irony!

    A politician outraged at being directly lied to

    1. Youngone Silver badge

      Re: Oh the Irony!

      I do take your point FozzyBear but where I come from, lying to Parliament (or in a select committee is an imprisonable offence.

      It is not clear from the article that the AT&T stooge made the promises under oath, but I am assuming it would have made no difference.

      There are no consequences for the wealthy in the US anyway.

      wakka wakka wakka

      1. Doctor Syntax Silver badge

        Re: Oh the Irony!

        "where I come from, lying to Parliament (or in a select committee is an imprisonable offence."

        It could explain Zuck's failure to appear before a Select Committee.

      2. David 132 Silver badge
        Happy

        Re: Oh the Irony!

        Youngone ”I do take your point FozzyBear but where I come from, lying to Parliament (or in a select committee is an imprisonable offence.”

        ...but not, apparently, failing to close your parentheses. And you were doing so well up till then.

    2. Drew Scriver

      Re: Oh the Irony!

      But did John Legere really lie?

      "I’ve personally evaluated this issue & have pledged that @tmobile will not sell [we may trade it or give it away] customer location data [does not include other markers like SSID neighbors] to shady middlemen [i.e. any other type of middleman is fine]."

    3. DropBear Silver badge

      Re: Oh the Irony!

      Of any politicians I have ever heard of all around the world, I believe Senator Wyden is the least deserving of such mockery. If I really have to spell out why, I'm afraid there's no point in doing it.

  8. Anonymous Coward
    Anonymous Coward

    Good job that they are regulated.....

    ...by a solid, reliable organisation. Or Not.

    1. Version 1.0 Silver badge

      Re: Good job that they are regulated.....

      Don't worry, I've spoken to them and they have agreed not to sell location data anymore - in future they will be leasing it. Face it, there's always going to be a way around government legislation when business is advising the legislators.

  9. earl grey Silver badge
    Flame

    CEO jail time

    Take a half-dozen of these suckers and throw them in chokey for a while (and not some country club federal prison) and shit like this stops. now.

    1. Richocet

      Re: CEO jail time

      Maybe. Apparently in US prisons people have a awful time if they are not a heavyweight boxing champion or wealthy.

      So in the unlikely event that wealth won't be enough to buy their way out of a prison sentence, it will make for a pleasant prison stay.

  10. Big Al 23

    FCC and FTC are totally unreliable to regulate industry

    Comcast has been using a defective computerized global e-mail blocking system for at least four years that illegally blocks legitimate e-mail sent from Europe, Asia, Australia and elsewhere to U.S. Comcast customers. The FCC has been provided proof of the illegal blockage. Major Euro ISPs have provided proof that their networks are not sending massive SPAM to Comcast customers yet Comcast continues to block these same major ISPs. When Comcast blatantly lies to the FCC is writing claiming they do not have a computerized global blocking system, the FCC looks the other way instead of fining Comcast billions for lying to them and defrauding customers paying for all legitimate e-mail to be delivered.

    1. Anonymous Coward
      Anonymous Coward

      Re: FCC and FTC are totally unreliable to regulate industry

      It is hard to prove a negative. While I am not a defender of Comcast, unless an ISP is inspecting and logging TCP port 25 usage of its customers then it would not have the capability to "provide proof" that their networks aren't being used to transmit spam. So, are you saying that "Major Euro ISPs" are in fact doing such in-depth spying on their customers, and then defending them against the evil Comcast?

      1. Remy Redert

        Re: FCC and FTC are totally unreliable to regulate industry

        Major Euro ISPs absolutely are doing basic monitoring of their e-mail services to protect against them being used for spam. Major Euro ISPs are not doing monitoring of port 25 in general because it's not required. If a specific customer of an ISP is spamming Comcast, Comcast should block that IP and contact the ISP's abuse department.

      2. devTrail

        Re: FCC and FTC are totally unreliable to regulate industry

        So, are you saying that "Major Euro ISPs" are in fact doing such in-depth spying on their customers, and then defending them against the evil Comcast?

        Sounds like a straw man argument. Doesn't it?

    2. Mystic Megabyte Silver badge

      Re: FCC and FTC are totally unreliable to regulate industry @Big Al

      I don't know the answer to that but here's a strange thing. One of my web-mail accounts in the UK is OK to send me virus laden attachments. But when I try to forward them to the UK's *eFraud department they get blocked, message says "This contains malware". ???

      *NFIBPhishing(at)city-of-london.pnn.police.uk

  11. Chairman of the Bored Silver badge
    Pint

    A pint for Wyden

    Wyden is one of the few senators I respect at this point. Sadly I'm not in his state. My representatives are ... different.

  12. this

    Ticked Off?

    In UK english this means admonished or 'told off' - what does it mean here?

    1. Chairman of the Bored Silver badge

      Re: Ticked Off?

      In US usage, "ticked off" means that one is angry about something. There is no implied action. Intensity of this statement is between "I am annoyed" and "I'm going to fire that tosser".

      Put another way, if I've ticked you off we are at the point where a pint may no longer patch things up, but I do not have to worry about any rough stuff.

      1. Alister Silver badge

        Re: Ticked Off?

        Put another way, if I've ticked you off we are at the point where a pint may no longer patch things up, but I do not have to worry about any rough stuff.

        So is that better or worse than "pissed" in the American sense, or "pissed off" in the UK version?

        1. Chairman of the Bored Silver badge

          Re: Ticked Off?

          About equal to American "pissed". Assume that's the same as UK "pissed off", but my main exposure to UK "pissed" has involved lots of ethanol.

          Better to be "pissed off" than "pissed on" of course.

          1. Alister Silver badge

            Re: Ticked Off?

            Thanks,

            As someone once said, UK and US, two countries separated by a common language... :)

            1. Jamie Jones Silver badge

              Re: Ticked Off?

              I've always used "ticked off" to be similar to pissed off, nothing to do will being told off.

              Same for everyone around here... And I'm Welsh, and have been all my life! Maybe it's an english thing?/

              Go USA!

          2. Steve McGuinness

            Re: Ticked Off?

            "Better to be "pissed off" than "pissed on" of course."

            Unless of course youre a serving US President and youre in a Moscow hotel room with a high class escort.

        2. Anonymous Coward
          Anonymous Coward

          Re: Ticked Off?

          "So is that better or worse than "pissed" in the American sense, or "pissed off" in the UK version?"

          According to 'Very Bad Words' podcast, the FCC ban any mention of urine (part of the famous George Carlin's list) but when asked to rule on a radio station that had a competition 'which member of <insert football team> would you p!$$ on' ruled it OK because they seemed to think 'p!$$ed on' meant the same as 'p!$$ed off'

          1. Chairman of the Bored Silver badge

            Re: Ticked Off?

            Interesting podcast, that.

            Best use of "pissed on" I've seen was in a leaked "360deg feedback" evaluation of a line manager. The line that sticks with me are: "If he were on fire, perhaps I might deign to piss on him, but I'm conflicted."

            The other gem was something along the lines of, "Out of millions of sperm, one wonders how his won the race."

            We were having some morale problems at the time.

  13. JimmyPage Silver badge
    Big Brother

    The only privacy you can trust, is that you make yourself.

    Not sure how to go about it, but a rootkit that spaffs random GPS data might be a start.

    1. Prst. V.Jeltz Silver badge

      Re: The only privacy you can trust, is that you make yourself.

      yeah - make sure your phone cant connect to to a tower, that'll show 'em!

    2. devTrail

      Re: The only privacy you can trust, is that you make yourself.

      The first question is whether you really need to keep the phone with you all the time.

      Sure there are a lot of services designed to hook people to their phones, but are they really necessary?

    3. Prst. V.Jeltz Silver badge

      Re: The only privacy you can trust, is that you make yourself.

      Not sure how to go about it, but a rootkit that spaffs random GPS data might be a start.

      GPS has nothing to do with it.

      At the end of the day , you make a call , they know which tower you connected through

  14. devTrail

    Widespread

    Those who think that the situation in better in Europe because of GDPR are naive, this is a field where GDPR is hardly enforced. The same is true for transport payment cards, those that are not anonymous are easily tracked, but after some time even the anonymous ones can be associated with a person giving a rough overview of their whereabouts.

    BTW what is the legal status in the US of prepaid anonymous SIM cards? Mandatory registration is also something that makes things worse.

  15. Tigra 07 Silver badge
    Thumb Down

    "Sounds like word hasn’t gotten to you, @ronwyden. I’ve personally evaluated this issue & have pledged that @tmobile will not sell customer location data to shady middlemen."

    That promise isn't worth anything. He pledged not to sell to shady middlemen, not to anyone else.

    So, translation: "Sounds like word hasn’t gotten to you, @ronwyden. I’ve personally evaluated this issue & have pledged that @tmobile will only sell customer location data to everyone but shady middlemen" (Shady obviously being vague, and middlemen? If you sell to someone who then sells to the middlemen you're still keeping your crappy pledge.)

  16. adam payne Silver badge

    After I exposed these dangerous practices last year, several carriers, including @tmobile’s CEO @JohnLegere told me point blank that his company would stop selling customer location data to shady third parties.

    You left it up to them to determine who was shady. That's your problem right there, you trusted them to police themselves.

  17. Jtom Bronze badge

    Simple solution. Enforce this penalty whenever necessary: the CEO, and all executive level subordinates will be sentenced to carry appropriate electronic devices, and have their real-time locations published on an open and free website for a period of no less than two years. Violation of this order will result in immediate incarceration for the remaining time period of that sentence.

    Think we have privacy concerns? Think of all that they may engage in that would destroy them if discovered.

  18. PacketPusher
    Megaphone

    Bounty Hunters are Shady?

    I am not a fan of businesses selling customer data, but if it is going to be allowed, I don't see bounty hunters as an illegitimate use of the data. The customers would be people who have broken their promise to show up in court. Some of the US states give bounty hunters too much power and some bounty hunters abuse what powers they do have so some bounty hunters are not worthy of respect, but that can be said about regular police forces as well.

  19. Anonymous Coward
    Anonymous Coward

    GDPR

    As I understand it, GDPR applies to people from the EU wherever they are on the planet, as part of their rights of citizenship. So if a european happened to be in america and their cellphone data was sold on, It'd be a clear-cut breach of GDPR. I don't think the law enforcement clauses would cover this, even if it did end in the hands of a bounty hunter (which is stretching the definition of "law enforcement" anyway).

    Do the US Telcos check for EU citizenship before they sell the data, or are their snouts rammed too far into the trough to care?

  20. Steve McGuinness

    Given that we already know

    Trump is stupid enough to use non encrypted, non government issue phones, I wonder if any of the Telco's have sold his location data, amongst other things.

    Oh and why do Senators think they can stop this? Theres a shitload of business in selling on location and tracking data, its arguably one of the fastest growing fields in Telecoms. And with Ajit Pai telling them they can do whatever the hell they like (whilst doing dancing/singing numbers on Youtube), the FCC wont do anything.

    The Senator in Question should be chided for believing that when someone said "Im going to stop doing a thing that is literally making me millions of dollars a year, because youre annoyed at it" they might actually be lying through their teeth.

    He's a politican for gods sake. If anyone knows how to spot a liar (and be an exceptional one) its this guy.

  21. Anonymous Coward
    Anonymous Coward

    Think of the kids

    A company just bought all the location data for most minors in Dallas TX, supposedly to figure out where to drive ice cream trucks, but this particular ice cream business doesn't exist, it's a kidnapping ring. They know more about where your children are than you do. You can thank the telecom industry for the next 400 kids to vanish it TX.

    anyone need a kidney or heart?

    (yes I made that all up - but it's only a few dollars away from reality, if not already)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019