PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

FCC: 'One or More' Carriers Broke Law by Selling Users' Location Data

FCC Chairman Ajit Pai revealed the breach following an investigation into how real-time location data ended up in the hands of law enforcement and bounty hunters without a warrant.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

FCC Chairman Ajit Pai (Credit: Chip Somodevilla/Staff via Getty)

The FCC has concluded that "one or more" wireless carriers violated federal law by selling customers' real-time location information to third-party companies.

FCC Chairman Ajit Pai revealed the finding in Friday letters sent to US lawmakers. They came in response to news reports that said real-time location data was ending up in the hands of law enforcement and bounty hunters without a warrant.

"I wish to inform you that the FCC's Enforcement Bureau has completed its extensive investigation and that it has concluded that one or more wireless carriers apparently violated federal law," Pai wrote.

He refrained from naming which wireless carriers broke the law. "Our general process is to provide names after adoption of any enforcement action," an FCC spokesman told PCMag. According to letters, Pai plans on circulating the proposed penalty to the FCC's other commissioners in the coming days.

The issue was first brought to light in May 2018 when The New York Times reported on how a little-known prison IT company was buying the location data to run a phone-tracking service for police and correctional officers. By simply plugging in a phone number, the service could let you access the real-time location data of a target device without a court-issued warrant.

The prison IT company, Securus Technologies, was apparently buying the data from third-party "data aggregators," which help the mobile carriers manage location-based service requests coming from mobile apps and internet services. The same location data can be harvested and sold off, with consumers often unaware of what they're consenting to. A follow-up report from Motherboard last year found bounty hunters were able to get the location data as well by paying only a few hundred dollars.

In response, the major mobile carriers vowed to take action, and cut off the data sharing. However, critics including Senator Ron Wyden (D-Oregon) and FCC Commissioner Jessica Rosenworcel demanded US regulators step up and crack down on the practice. It now appears they're getting their wish following questions from Congress over the status of the FCC's investigation.

"Today this agency finally announced that this was a violation of the law," Rosenworcel wrote in response to the news. "Millions and millions of Americans use a wireless device every day and didn't sign up for or consent to this surveillance."

The remaining question is the proposed penalty. The FCC declined to comment on what it might entail. But if the penalty is perceived as a slap on the wrist, US lawmakers and the FCC's Democratic commissioners will almost certainly blast Pai after previously criticizing him for his handling of the investigation.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio