AT&T, Sprint, Verizon, T-Mobile US pledge, again, to not sell your location to shady geezers. Sorry, we don't believe them US cellphone networks have promised – again – that they will stop selling records of their subscribers' whereabouts to anyone willing to cough up cash. In a statement on Thursday, AT&T said: "In light of recent reports about the misuse of location services, we have decided to eliminate all location aggregation services – even …
I have AT&T.
As I got up early this morning so I can spend most of my day on an airplane and getting to a client, I woke up to an AT&T 'free' text message. (SMS text message).
It basically said that I agreed to AT&T allowing them to share my location data with third parties.
Read this as an OPT-OUT and not an OPT-IN agreement.
Cue the lawyers..
Time to sue them and to get Congress involved.
Oh and of course if you're in the Twitterverse... feel free to share your thoughts : Tweet @ATTCares
There are many problems with this and definitely could require a scotus decision because as of right now, that information is AT&T's to sell as they please. There are already scotus cases regarding metadata and pen data that need to be updated.
What AT&T did is tantamount to slamming their customers with this OPT-OUT strategy.
Anyone know any good lawyers in the US who will do this Pro-Bono? (Or actually as a class action)
As a Big Data Professional... I'd make an excellent witness...
Oh and law enforcement would be a different matter, and isn't part of this.
Also the Flame is for AT&T not for the poster.
If one looks closely they all promised something along lines of not selling to "shady operators"... err.. what ever that means to them. So, if they say they're not selling to 'shady operators", then they can still feed the bottom line by selling it to 'non-shady operators". In spite of what we "common" people believe, the profit margin is all that matters and we are bought and sold every single day. Maybe I should amend that as many of us techies may have figured out how to block most things but the average person hasn't a clue on how to do it.
Use a MVNO, eg. Consumer Cellular—uses all the same towers but contractual agreements between the carrier and MVNO may prevent them from monetizing this information.
Last time I used CC somewhiles ago they had explicit provisions in their TOS saying that they do not collect location metadata unless you opt in to some old people program (and since it's an operator designed for old people I bet a lot of users did just that).
"contractual agreements between the carrier and MVNO may prevent them from monetizing this information."
Maybe, but I have no visibility into what's in the contract between a carrier and a given MVNO, so that's something that can't affect my decision-making.
Also, even if I did have such visibility, I'm far from confident that the carrier would actually adhere to such contractual terms. Contractual protections aren't nothing, but they also aren't terribly reassuring.
"Last time I used CC somewhiles ago they had explicit provisions in their TOS saying that they do not collect location metadata unless you opt in"
But that provision says nothing about whether or not the carrier they're using is engaging in such collection.
The only solution to not having private and tracking information not meander about is to never let it out. Once the information is out of your direct control you no long have real control even if a piece paper implies you do. But this is concept these negative wattage dimbulbs cannot grasp; what you let out will meander off to less than savory types via a roundabout path. If the information is not out there it does not matter what the unsavory scum try; it's not available.
The only workable legal framework is one that makes the GPBR look like the bungling attempts of amateurs; it has to be so harsh to fear into hearts of these miserable slimes. Yes, I have no use for these two-legged vermin.
"The only solution to not having private and tracking information not meander about is to never let it out."
And the only way to do that is to stop using a cell phone. Knowing where you are is an unavoidable part of being able to deliver cell service to you. Not to mention that (at least in the US), the cell companies are legally required to be able to geolocate you with a fair bit of precision.
I work in an industry that has worldwide very strict privacy laws (they vary some but are essentially the same philosophy). We have training on proper handling of the data including that we cannot disclose it to internal colleagues who do not need to know even within your own team. And you can imagine the rules about sharing to anyone outside the company. These laws have significant PERSONAL penalties for violations (again vary somewhat by country).
The phone providers and various IT services that deal with large amounts of customer data have not been under rules like this. But people are realizing the data they are abusing is significant and can put people in real jeopardy. Thus the GPDR in the EU. The hounding of Suckerberg. Once it becomes a major problem (very close now) they will get hit with laws like the US HIPPA or EU GPDR and will wonder why; their own greed, stupidity, and lack of ethics.
Do you have AT&T?
Check your free text messages from them.
(See my post above)
First under existing SCOTUS rulings, the metadata surrounding the phone call is not private and the Telco can assert ownership of the data. They can also claim that they need to use this data to help complete the calls while on their or a partner's network. (roaming) and for billing purposes.
That said, reselling this PII information should be made illegal.
The fact that they decided to make this 'OPT-OUT' (which is not in the text, so also a reason to sue) is stupidity beyond belief. They must be under great pressure to find revenue streams.
Congress could fix this easily.
Anyone else get this sort of text or mailed communication from AT&T or another carrier?
Again, the Flame is for the telco... not a good way to wake up before morning coffee.
"we have decided to eliminate all location aggregation services – even those with clear consumer benefits"
This makes me wonder which of those services they consider having "clear consumer benefits". It's location-based advertising, isn't it?
"Verizon claimed that location data was only sold if subscribers had explicitly agreed to it"
And by "explicitly agreed to it", do they mean that it was buried in the lengthy legalese called "terms of service" that users clicked an "I agree" button for?
"AT&T has no reason to believe that there are other instances of unauthorized access to AT&T customer location data,"
Yeah, but what about access that they authorized?
"there has been no response from Pai"
No response is needed. We already know what he'll do about it: his best to protect the carrier's ability to keep on as they always have been.
To be fair, I suppose that someone calling for roadside assistance might benefit:
"Your engine fell out? Where are you located, sir?"
"I, uh, I left Minot North Dakota two hours ago, and I might have taken a wrong turn, and I haven't seen a building for the last 50 miles, and it's dark ... I think I hear wolves howling ... or maybe jackals, or maybe it's Elon Musk, I just don't know..."
Now, in point of fact, all it would take is Google Maps and GPS: "I'm at 45.803669, -103.619935".
But for the less clueful, I can see a possible use case for a responder being able -- with your permission -- to find the geographic location of your phone.
But of course money makes liars out of most corporate CEOs. They did not become CEOs by favoring ethics over lucre.
You have a facebook account?
The only time I had one was when I was sent there against my will for a 3 month contract.
I deleted it, but FB's response was ... "Oh we're sorry you wanted to delete your account, we'll deactivate it for now, but keep it in case you want to re-join."
I would love to get in front of Congress as an expert witness on why FB and Google should be handcuffed.
Posted ANON for the obvious reasons.
If they fight such legislation, and claim it is "costly regulation", then they should be asked "how can it cost you anything to not do something you have just promised us you would not do"? There's no way they could fight this, and without the telco lobbyists fighting it there's no reason why congress shouldn't pass it without delay.
If congress doesn't pass it, I'll suspect that not only are the telcos lying, but the congressmen who take money from their lobbyists KNOW they are lying.
And don't you just love the answer ?
".. T-Mobile will not sell customer location data to shady middlemen."
Notice how that neatly sidesteps the heart of the issue ? We don't want them to stop selling just to the "shady middlemen", we want them to STOP SELLING THE DATA.
But hey, it's only telecoms companies. They must have gotten a garbled version of the memo.
Wouldn't it be great if the FCC could make regulations to protect privacy? Too bad, they can't! The Republican controlled Congress and President eviscerated their ability to make such regulations by approving a resolution of disapproval for FCC privacy regulations, which also forbids any similar regulations.
"Those rules would have required ISPs to obtain users' consent before selling their personal data – including location, browser history, health and financial data and other sensitive information – to advertisers."
In light of recent developments, the "– to advertisers." caveat was too optimistic.
https://www.theregister.co.uk/2017/04/04/fcc_privacy_rules_myths/
and so apparently do PR people wishing to assure us that they're not just corporate shills paid to lie through their teeth on behalf of an organisation.
when Facebook do it, i recognise its because I am the product. When a Telco does it, even after I explicitly tell them not to, I recognise its a failing of law and I expect to see a massive Sueball launched about this shortly.
Joe Cox was able to pay a bounty hunter $300 to have someone's T-Mobile US phone number tracked and located
Proponents of the data collecting habits of Google, Facebook, et.al., and even the apathetic folks who don't see the danger, this is the danger.
It's easy to say no giant corporation cares about you so who cares if they buy your data or not, it's not the corporations you need to worry about. It's about where that data eventually ends up. Since Facebook, Google, blah blah, all know exactly where your phone is at any time, any of their partners who has access to that data could offer similar stalking services. Heck, I'm not a Tor user, there might already be such services out there. Facebook wouldn't even know about it, since apparently they don't keep track of who does what with any of their APIs.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
