Photo: AP / J. Scott Applewhite

A growing chorus of Washington lawmakers is now pressing federal regulators to do something about the fact that wireless carriers have recklessly sold off data that can pinpoint the locations of their customers’ mobile phones (and thus the customers themselves). The firestorm of inquiries began after it was revealed that during an investigative sting, a Motherboard reporter was able to obtain the physical location of a phone he’d planted in Queens, New York, after shelling out $300 to some shadowy figure in a back-alley deal.

Fifteen U.S. senators joined that chorus on Thursday by seeking a response from the Trump administration, whose regulatory chiefs have had nothing substantive to say about the story, which detailed, in part, how “bounty hunters” had created their own black market for Americans’ location data.

Advertisement

A letter by the senators to the heads of the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) reads:

Last year, multiple news reports highlighted the fact that the four major wireless carriers, AT&T, Sprint, T-Mobile, and Verizon, sold their customers’ location data to approximately seventy companies, without the explicit knowledge or consent of their customers. After significant negative press coverage, the wireless industry pledged to end these business practices.

Advertisement

Of course, that never happened. (Of the four major carriers, only Verizon is thought to have actually ended the practice.) The letter continues (emphasis ours):

A recent investigation published by Motherboard, however, demonstrated not only that the wireless carriers are still failing to protect their customers’ private information, but also that location data can be purchased by stalkers, domestic abusers, and others.

Advertisement

To be clear, the regulatory environment that allowed these dubious sales to take place is the direct result of lobbying by the major carriers themselves. Weeks after President Trump was inaugurated, telecom lobbying effectuated the rollback of landmark Obama-era privacy rules intended to protect consumers, by way of notice and consent, from this precise form of abuse. The vote to repeal the rules in early 2017 fell largely along party lines, with only 15 House Republicans siding against it.

What’s more, the FCC, which has been repeatedly called on to investigate the matter, may find itself without the power to do anything about it, even if it does determine the carriers are at fault.

Advertisement

And it certainly bears mentioning, this is entirely by design.

Advertisement

Since taking control of the commission in early 2017, FCC head Ajit Pai, a Republican, has worked tirelessly to strip the very agency he chairs of its power and its responsibility to protect consumers against the “unjust or unreasonable” practices of companies like T-Mobile and AT&T.

Pai did so first by supporting the rollback of the FCC’s privacy rules—where he pushed all responsibility off onto the FTC—and later by leading the charge to rollback the nation’s net neutrality protections, which had previously reclassified internet service as a “telecommunications service,” thus granting Pai’s agency the power to investigate and punish carrier for such abuse.

Advertisement

To put it another way, the feckless ineptitude displayed by Pai since this phone-tracking scandal first broke nine months ago is not unintentional but reflects the precise level of power major telecoms wanted him to wield and no more. This circumstance, under which virtually anyone can pay money to physically locate the owner of a mobile phone, was engineered—as was the crippling of the agency that, under the former administration, would have had complete authority to pursue and punish those responsible.

All of this was done in the name of enlarging the profits of AT&T, T-Mobile, Sprint, and Verizon, none of which are jumping at the opportunity to accept responsibility for their malfeasance or acknowledge that Americans, who care deeply about their privacy, deserve better than an apology in the first place.

Advertisement

Pai rejected an opportunity to brief House lawmakers about the issue last week, showing precisely how seriously he’s taking the matter. Pai pinned the blame on the shutdown, but as lawmakers noted, there’s nothing legally stopping him from having a discussion about this with members of Congress. He told Motherboard this week: “The FCC already has been investigating this issue. Unfortunately, the investigation had to be suspended because of the partial government shutdown. It will resume once the shutdown has ended.”

He’s also claimed that his agency has been investigating the carriers for over eight months, though there’s no available evidence to support that’s been happening, and a meeting on the Hill this month would have been his opportunity to prove otherwise.

Advertisement

Americans’ only hope in the near-term is that maybe their phone companies will actually stop carelessly handling their data this time, even though they may be under no legal obligation to do so and it will almost certainly affect their profits. Then again, perhaps the FTC will aggressively take up the mantle and, maybe in a year or so, we’ll see the fruit of that investigation.

Maybe even Congress, which can’t even keep the government funded at this point, will miraculously pass a law this year reining in the need of telecoms to constantly harm consumers by treating them like a commodity—that is, if it can pass both chambers without being watered down by politicians whose pockets are lined by the very industry whose violations of the public trust are at issue.

Advertisement

To be fair, it’s entirely possible that T-Mobile and friends violated other laws during this debacle, and there’s little evidence to show that merely notifying consumers about privacy policies and seeking their consent is sufficient.

What is obvious, however, is that none of the deals these companies struck with third-parties to hawk their customers’ data got approved without the strict scrutiny of legal counsel. Someone in mahogany-laden c-suite office somewhere at each of the companies surely signed off on all of this. Whether they wittingly allowed the data to find its way into the hands of “bounty hunters” or not, they surmised, perhaps correctly, that the liability on their end, were that to happen, would be negligible.

Advertisement

After all, they worked very hard, with the help of some friends in Washington, to ensure that was the case.