WIRELESS CARRIERS HOPE YOU WON'T NOTICE THEIR LOCATION DATA SCANDAL MAKES THE FACEBOOK, CAMBRIDGE FRACAS LOOK LIKE AMATEUR HOUR

SOURCE: TECH DIRT

When the Facebook, Cambridge Analytica scandal broke, we noted that however bad you thought that scandal was (and it certainly was bad), it couldn't hold a candle to the routine privacy abuses that have occurred in the telecom sector for the better part of the last few decades. From charging consumers hundreds of additional dollars annually to opt out of snoopvertising, to the use of private user financial data to justify providing even worse customer service, the broadband industry has long been the poster child for privacy abuses without much in the way of practical public penalty.

It's just as bad on the wireless side, where carriers like Verizon have routinely have been caught modifying user data packets to track users around the internet (without telling them or providing opt out tools), and selling user browsing, app-usage and location data to everyone that comes calling. That's before you even touch on the fact that these companies are practically bone grafted to the NSA and other intelligence services.

As such, we noted how if you were part of the #DeleteFacebook set but were still rolling around using a stock phone on an incumbent carrier network, you failed to understand that Facebook's casual treatment of private consumer data was the cross-industry norm, not some errant exception.

The Location Smart and Securus scandals (which exposed the data of 200 million cell users) quickly proved our point. Thanks to lax handling of private location data by cellular carriers and third-party brokers, those scandals quickly highlighted how anonymized data isn't really anonymous, and this data can and is routinely abused by everybody in this chain of dysfunction (including law enforcement). Oddly, even in the wake of those reports, people still seemed to view the Cambridge, Facebook fracas as somehow far more scandalous, most likely because of that particular story's political undertones.

Clearly hoping to get ahead of the scandal before the press, public and regulators realized the depths of this particular rabbit hole, Verizon proclaimed that the company would be ending all sales of location data to third party data brokers. The company announced the decision (pdf) in a letter responding to inquiries by Senator Ron Wyden, who had begun to apply some pressure on mobile carriers. From the letter:

"We conducted a comprehensive review of our location aggregator program. As a result of this review, we are initiating a process to terminate our existing agreements for the location aggregator program. We will not enter into new location aggregation arrangements unless and until we are comfortable that we can adequately protect our customers’ location data through technological advancements and/or other practices."

Verizon announced it would be suspending all data sales to location data brokers like LocationSmart and Zumigo, which the company acknowledged sold that data in turn to a roster of more than 75 different companies. And, in short, it's promising to suspend such data sales at least until it can ensure that data is actually secure (what an incredibly novel idea). Who'll actually confirm this data is secure before the program is restarted isn't clear; you'll apparently just have to trust a company with a several-decades history of severe privacy violations and blatant false statements.

Like the Facebook scandal, there wasn't much in place to really ensure that often real-time data remained protected, something made clear when the LocationSmart scandal revealed that one Missouri Sheriff routinely (ab)used the system to spy on Judges and fellow law enforcement officers without much legitimate justification (or pesky warrants). In subsequent statements to the press, Verizon has tried to argue that the company quickly took steps to thwart the abuse:

"When these issues were brought to our attention, we took immediate steps to stop it. Customer privacy and security remain a top priority for our customers and our company. We stand-by that commitment to our customers."

But again, this was Verizon only acting after the horses escaped from the barn, suggesting that no, privacy and security was not a top priority. If Verizon's self-auditing was so stellar, it seems curious it never self-identified the potential for the kind of abuse the LocationSmart and Securus scandals revealed. Or the self-audits did reveal problems, but the money made from selling this data made actually fixing them a low priority. Knowing Verizon pretty well, it seems clear it wouldn't be taking this kind of financial hit if its lawyers didn't realize the company was potentially facing some pretty steep penalties here.

One of the key problems in location and other data sharing is that wireless cell carriers have found a way to effectively operate outside any meaningful privacy guidelines by perpetually passing the onus for user consent down a long line of location data aggregators. Blake Reid, an associate clinical professor at the University of Colorado School of Law, perfectly captures the problem in comments made to Brian Krebs:

"The carriers basically have arrangements with these location aggregators that contractually say, ‘You agree not to use this access we provide you without getting customer consent’,” Reid said. “Then that aggregator has a relationship with another aggregator, and so on. So what we then have is this long chain of trust where no one has ever consented to the provision of the location information, and yet it ends up getting disclosed anyhow."

Verizon's obviously trying to pre-empt privacy regulation before we collectively realize current oversight makes the wild west seem downright domesticated. The company has long fought tooth and nail against any kind of consumer privacy protections, stating back in 2008 that federal privacy rules aren't necessary because "public shame" would keep the company honest. More recently, Verizon successfully lobbied the FCC to kill modest broadband privacy rules that would have prevented precisely this kind of scandal from happening by requiring greater transparency -- and that users opt-in to more sensitive data sharing.

None of that is to say that regulatory action is the only solution here, or that this particular Congress could even accomplish such a task. But it's also pretty clear that sooner or later, the pinky swears and winks currently passing for oversight of the telecom sector's treatment of your private data aren't going to quite cut it.

Shortly after Verizon's announcement AT&T stated that it too had suspended location data sales to third-party brokers (for all the same reasons). Sprint followed suit. T-Mobile, which cultivates a reputation as a more consumer-friendly wireless carrier, belatedly brought up the rear, initially likely wary of highlighting any missteps as it seeks regulatory approval for its looming competition eroding megamerger. But again, most of these promises were somewhat murky in scope (T-Mobile's promise to improve, for example, was entirely devoid of substance and somehow never reached Wyden's office).

With this data having bounced around so many partners with so little transparency or oversight, you can be pretty sure we haven't heard the end of this story. And while wireless carriers would very much like the public and press to believe that they've fixed the privacy problems that plague the telecom sector, several decades of evidence to the contrary -- and the press and public's general tone deafness to the scope of this particular problem -- suggest any meaningful reckoning is still likely some time away.

SHARE THIS ARTICLE...

Views: 35

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

Latest Activity

Deep Space commented on jim's blog post The Truth And Scam Behind Times Person Of The Year
"I think a muslim migrant rapist should be Person Of The Year."
5 minutes ago
Richard Harrington posted a video

Christmas (copy) on Biteable.

Christmas (copy) | Biteable

Video made with Biteable. The World's Simplest Video Maker
10 minutes ago
Chris of the family Masters commented on jim's status
"Only if the cabal throws her under the bus..."
1 hour ago
jim posted a status
"From my last video, poppy's funeral & Clinton Discovery I think Hillary is in DEEP Shit. I want to see all of them go down. both RED & BLUE."
1 hour ago
jim posted blog posts
1 hour ago
Chris of the family Masters posted discussions
1 hour ago
jim's blog post was featured

The Truth And Scam Behind Times Person Of The Year

 I have to agree here, I have seen before people who should NEVER been put on the cover of TIME just like anything else whatever makes money.See More
1 hour ago
Profile Icon via Twitter
Chris Coumo vs. Kellyanne Conway 10-13-18 video https://t.co/dwrKdT8tDH
Twitter1 hour ago · Reply · Retweet
Magnus Regnant favorited Chris of the family Masters's discussion Jewish Author Harry Waton Admitted that Communism is Jewish, Hitler was Right and the Jews Aim to Conquer the World
2 hours ago
James Roberts commented on Boris Badenov's page I’m sure it’s just a coincidence (while Clinton hearing on going) -- Wave of bomb threats causes evacuations, anxiety nationwide
"Antifa tried to blow up a car, burned their mouth on the tail pipe."
2 hours ago
James Roberts commented on DTOM's photo
Thumbnail

LAWS ARE FOR LITTLE PEOPLE

"Sleep. Obey. Thi$ is your god."
2 hours ago
James Roberts favorited DTOM's photo
2 hours ago
Fat Freddys Cat posted a status
"Sorry Chris ran out of credit lol, talk soon"
2 hours ago
Fat Freddys Cat commented on Fat Freddys Cat's blog post Boy, 8, gets 'worst case of measles doctor had seen' despite two MMR jabs
"I see chicken pox in Vaccinated children regularly in classrooms, also a student spoke about another student leaving school in an ambulance on vaccination day....coincidental of course"
3 hours ago
Fat Freddys Cat posted a discussion

HOW SCHOOL DISTRICTS WEAPONIZE CHILD PROTECTION SERVICES AGAINST UNCOOPERATIVE PARENTS

Schooling is adept at rooting out individuality and enforcing compliance. In his book, Understanding Power, Noam Chomsky writes:In fact,…See More
3 hours ago
Chris of the family Masters commented on Fat Freddys Cat's blog post Boy, 8, gets 'worst case of measles doctor had seen' despite two MMR jabs
"2 jabs did it. 50 or so years ago people held measles parties. Getting they kids infected guaranteed vibrant health after recovery. This has been forgotten, conveniently for the Big Pharma."
3 hours ago

Please remember this website is supported by your donations...

© 2018   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2015 - all rights reserved. unless otherwise noted