This article at Motherboard is unambiguous proof that telcos are selling private data derived from their network for profit.
Nervously, I gave a bounty hunter a phone number. He had offered to geolocate a phone for me, using a shady, overlooked service intended not for the cops, but for private individuals and businesses. Armed with just the number and a few hundred dollars, he said he could find the current location of most phones in the United States.
Worth considering that these techniques could be used for corporate surveillance and espionage. Your Enterprise IT Security can do nothing about it since the data is collected from the network.
I don’t think this angle has been covered in detail anywhere.
I wonder if Enterprise IT vendors, particularly US vendors, would be tempted to sell information about customer networks to third parties for a bit more profit ?
- Appears to be limited to US Telcos (so far)
- US Telcos have low levels of government oversight. They have freedom to exploit US citizens is almost any way.
- This is a cost effective and convenient method of tracking individuals.
- Telcos can get extra revenue for little effort. The network is a low cost data source and can be combined with customer details for very high value uses.
- Other telcos have noticed this luscious source of profits and want to get in the on action. Bell Canada wants to repeal Canadian privacy laws so it can get in on this.
- The surveillance target does not know they are being tracked and many/most do not know that they can tracked.
- Telco’s have been selling to data brokers for advertising for a number of years. It seem logical that the fall of ad-tech companies has led to a reduction in revenue and they are turning to less ethical methods of profiting from their networks.
- The current administration leading the US government has enabled the telcos to sell private data. When the FCC has removed what most people call Net Neutrality legislation that also included privacy controls. As I understand it, data extracted from the network is not “personal data” anymore but classed as commercial data and thus can be traded and sold.
- US Telcos have been caught out here. No one is blaming the company that sold the data that caem from the telcos.
- If they rationalised the decision to sell this data as “its not us, its the third party that takes responsiblity” then someone is gonna get in trouble.
- They are now declaring that they won’t do it anymore. And by “it” I mean sell location data to bounty hunters but they will still sell information to other parties.
- Unless there is government / regulatory action, I deem it unlikely. The US telcos have become part of the capitalist surveillance economy and there seem to be few repercussions.
- Vendors are making products to support corporate surveillance. Devices must support data collection and analytics platforms are required. e.g. Cisco calls these products ‘digital engagement tools’ and develops features in their products to support surveillance.
Link: T-Mobile, Sprint, and AT&T Are Selling Customers’ Real-Time Location Data, And It’s Falling Into the Wrong Hands – https://motherboard.vice.com/en_us/article/nepxbz/i-gave-a-bounty-hunter–300-dollars-located-phone-microbilt-zumigo-tmobile
Link: Bell wants permission to gather and track customer data | CBC News – https://www.cbc.ca/news/business/bell-customer-data–1.4969066
Link: The $24 Billion Data Business Telcos Don’t Want to Discuss | Digital – Ad Age – https://adage.com/article/datadriven-marketing/24-billion-data-business-telcos-discuss/301058/