Today, the Federal Communications Commission is expected to approve a Notice of Apparent Liability against AT&T, Sprint, T-Mobile, and Verizon to pay $200 million for selling customer location data without customer consent. The FCC issued the fine after investigating claims surfaced by Motherboard, which discovered that carriers were selling or giving away consumer geolocation data to third parties, including bounty hunters and stalkers. Public Knowledge supports the enforcement action taken by the Commission, but expresses alarm that it took the FCC more than a year to act after publication of the Motherboard investigation, and after numerous Congressional letters and statements.
The following can be attributed to Harold Feld, Senior Vice President at Public Knowledge:
“Even before Ajit Pai became Chairman of the FCC, he repeatedly opposed enforcing the privacy provisions of the Communications Act. On becoming Chairman, Chairman Pai made it a priority to repeal existing privacy protections for broadband and text messaging, and chose to ignore the clear statutory commands that the FCC protect the privacy of consumer telephone data.
“Small wonder that carriers felt safe flouting the law and selling precise geolocation information that customers disclose for the sole purpose of enabling 911 First Responders to find them. Only after pressure from Congress, embarrassing exposés by diligent reporters at Vice, and repeated criticism from Democratic Commissioners Rosenworcel and Starks did the Chairman finally act to enforce the law — and to the barest degree possible!
“The good news for Americans is that we already have strong privacy laws to protect personal communications by phone and to protect their cable viewing habits. Under the Obama Administration, the FCC (over then-Commissioner Pai’s objections) acted as a vigorous watchdog for people’s privacy — so much so that industry spent millions lobbying Congress to strip the FCC of its privacy enforcement authority. Congress should conduct an immediate investigation into the FCC’s handling of privacy enforcement, and take suitable action to empower consumers when the FCC Chairman fails to act.
“In addition, to restore public trust, the FCC should begin a new rulemaking to provide consumers with additional privacy protections for their phone, cable, and internet communications. As a first step, the FCC can reclassify broadband and text messaging as Title II telecommunications services, subject to the highest degree of statutory protection. But even without this, the FCC has broad statutory authority to exercise greater oversight of carriers and protect personal privacy. It should use them.”
You can learn more about the FCC’s investigation in our recent blog post, “Telecom Giants Broke the Law By Selling Detailed Location Data. Will They Face Consequences?”