2018 was a big year for privacy and not in a good way. It was a year where privacy violations were exposed left and right and not all of them involved Facebook. Just as scandalous was the revelation that the four major US carriers have, at one point or another, sold their customer’s location data to third-parties, which then ended up with bounty hunters and illegal users. Although AT&T, Sprint, T-Mobile, and Verizon have promised to stop that practice, customers are still taking them to court for it.
News broke in mid-2018 that carriers, who naturally had access to users’ location data all the time, sold that data to third-party companies. That in itself may have been in violation of federal laws that require carriers to protect customers’ Confidential Proprietary Information or CPI. That data is often used by advertisers but ended up in even less innocent uses.
The carriers apparently sold that data to data brokers like Securus and Captira who then provide location services supposedly in aid of law enforcement. In some cases, that data ended up with personnel from bail bondsman industries but there was also one incident where a sheriff used the data to illegally track phones.
Carriers started promising they will stop selling such data to third-parties but, save for Verizon last year, most persisted until early this year. US lawmakers have called for inquiries into these allegations but, so far, no legal action has been taken, which is why customers are now stepping up instead.
The class action suit filed separately against the four carriers allege that the carriers violated section 22 of the Federal Communications Act. The lawsuit seeks an unspecified amount for damages that will be determined at trial, presuming it gets that far. None of the carriers have made any comment pending their internal review of the litigation.