AT&T (NYSE: T) has pledged to stop the sale of all location data to so-called location aggregators after its practices were revealed in a Motherboard article. The Motherboard investigation found that T-Mobile, AT&T, and Sprint were all selling their customers’ phone location data. Some of that data ultimately ended up in the hands of bounty hunters.
An AT&T spokesman said in a statement, “Last year we stopped most location aggregation services while maintaining some that protect our customers, such as roadside assistance and fraud prevention. In light of recent reports about the misuse of location services, we have decided to eliminate all location aggregation services—even those with clear consumer benefits.”
Motherboard found out about the practices while conducting an investigation about the issue. The publication paid a source in the bail bond industry to locate a cellphone and traced how that phone was located. The investigation was able to track the location of a test phone to within a couple blocks.
The tracking found that the information was purchased from T-Mobile by a location aggregation company called Zumigo. Zumigo then sold that information to a third company called Microbilt, which was apparently selling it to a wide variety of customers. Motherboard reported that property managers, car salesmen, bail bondsmen and bounty hunters were among the groups of people buying the location data. According to the report, one of the companies selling the data was offering “a continuous tracking service.”
AT&T said in response that use of the data by bounty hunters would be a violation of its policies. An AT&T spokesperson said, “We only permit the sharing of location when a customer gives permission for cases like fraud prevention or emergency roadside assistance, or when required by law.”
Several senators have called for the Federal Communications Commission (FCC) to investigate the issue. Some are also calling for greater regulation of the telecommunications industry. Senator Ron Wyden said in a statement, “The time for taking these companies at their word is long past – Congress needs to pass strong legislation to protect Americans’ privacy and finally hold corporations accountable when they put your safety at risk by letting stalkers and criminals track your phone on the dark web.”