Will the FCC Keep Ignoring Carriers That Sell Your GPS Data?
Over the last three months, Motherboard’s Joseph Cox has produced an excellent series of articles on how the major mobile carriers have sold sensitive geolocation data to bounty hunters and others, including highly precise information designed for use with “Enhanced 911” (E911). As we pointed out last month when this news came to light, turning over this E911 data (called assisted GPS or A-GPS), exposing E911 data to third parties — whether by accident or intentionally, or using it in any way except for 911 or other purposes required by law violates the rules the Federal Communications Commission adopted in 2015 to protect E911 data.Read More
Consumer Privacy Before Congress This Week: What We Learned and What’s Next
This week featured back-to-back privacy hearings on Capitol Hill to discuss principles for federal privacy legislation. With the one-year anniversary of the European Union’s General Data Protection Regulation implementation coming in May and the California Consumer Privacy Act taking effect in 2020, industry players that have fiercely lobbied against federal privacy legislation in years past are now suddenly calling on Congress to pass a comprehensive privacy bill this year. Here’s a quick look at what happened in each hearing and a few key takeaways.Read More
Telecom Giants Broke the Law By Selling Detailed Location Data. Will They Face Consequences?
More details have emerged from the Motherboard investigation into carriers selling their customers’ real-time location data, including assisted GPS (“A-GPS”) data intended only for emergency services. The reports are shocking and illustrate both a brazen disregard for consumer privacy on the part of the companies involved and the disturbing, unregulated behavior of the data brokerage industry. The Federal Communications Commission, led by Chairman Ajit Pai, needs to act immediately to enforce what appears to be a clear violation of the FCC’s rules against the selling of A-GPS data with third parties. In addition, Congress must pass comprehensive privacy legislation that forces the data broker industry out of the shadows and stops the persistent misuse of data at the expense of consumer privacy.Read More
Is California’s New Privacy Law Right for the United States?
At the end of June, California enacted what has been billed as a comprehensive privacy law. By all accounts, it was a rush job, negotiated in a week behind closed doors in a desperate and successful attempt to keep Californians for Consumer Privacy Campaign Chairman Alaistair MacTaggart’s privacy initiative off the November ballot. As sometimes happens, the law’s proponents and a few reporters may have overhyped the legislation – both given its current contents and because many expect it to change before its effective date in January 2020.Read More
Members of Congress Tackle Consumer Protection Failures from Equifax Breach
Last week, Congress held four hearings to investigate the Equifax data breach, which jeopardized the highly sensitive data of 145 millions Americans. The exposed consumer information includes social security numbers, prior addresses, student loans, credit card numbers, and other pieces of private data compiled into credit reports that determine if a consumer qualifies for employment, loans, or new lines of credit. For days, members of Congress questioned former Equifax CEO Richard Smith as to how the breach could have occurred and what steps the company was taking to protect consumers. Mr. Smith resigned in September after the extent of the breach was fully disclosed. During the hearings, he offered little in terms of solutions on how to protect consumers going forward, but his answers revealed significant problems with our current data security regime that Congress must address.Read More