AT&T and T-Mobile say they'll stop handing over your cell phone location data to third parties after a report found the information could end up for sale on the black market.
Both carriers plan on ending the location data sharing this March in response to a story from Motherboard about how bounty hunters were selling access to the real-time information for only a few hundred dollars.
The sensitive data was available because AT&T, T-Mobile, and Sprint sell the information to third-party "location aggregators." The partnerships can power services such as bank fraud prevention and emergency roadside assistance in addition to online ads and marketing deals, which depend on knowing your whereabouts.
All the location tracking should occur with customer consent. But past investigations have uncovered a stunning lack of oversight. In Motherboard's case, the bounty hunter gained access to the sensitive data from a credit risk management firm called MicroBilt, which was offering the location tracking to landlords, motor vehicle salesman, and others conducting credit checks.
"In light of recent reports about the misuse of location services, we have decided to eliminate all location aggregation services—even those with clear consumer benefits," an AT&T spokesman told PCMag.
T-Mobile CEO's John Legere tweeted that his company was winding down all third-party location data sharing by March. "We're doing this right and shutting them down one by one, so customers who use this for safety services can make other arrangements," he added.
But not everyone is satisfied with the response. That's because it isn't the first time US carriers have pledged to safeguard their customers' location data. In June, they vowed to scale back their location sharing partnerships after a prison technology company was found abusing the data for warrantless cell phone location lookups.
"Wireless carriers are promising, yet again, to stop sharing Americans' location data without their consent. I'll believe it when I see it," said US Senator Ron Wyden, who called on the FCC to investigate the issue last year.
"It's not enough for these tech giants and their CEOs to lay blame for misuse and abuse of information on downstream companies," he added in his tweet. US Senator Kamala Harris and Democratic FCC Commissioner Jessica Rosenworcel have also called on US regulators to investigate the data sharing.
It remains unclear if Sprint will take the same steps and pull the plug on the data sharing. The company didn't immediately respond to a request for comment. But the carrier told The Verge it was at least ending a contract it had with location data aggregator Zumigo, which had been selling the information to MicroBilt.
Verizon was not among the carriers flagged in Motherboard's report. Nevertheless, the company told PCMag it has been winding down its existing location tracking agreements with third parties since pledging to take action last June.
"We have maintained the prior arrangements for four roadside assistance companies during the winter months for public safety reasons, but they have agreed to transition out of the existing arrangements by the end of the March. We have terminated all other such arrangements," the company said in a statement.