Telecom companies have been selling user location data for years, with some of their 'clients' making tens of thousands of requests, documents obtained by Motherboard show – far from the isolated incidents previously portrayed.
About 250 bounty hunters and similar companies purchased extremely accurate customer location data from Sprint, AT&T and T-Mobile, some of them using the service tens of thousands of times – a system that operated for more than five years in total secrecy, allowing trackers to see where their target was down to the room they occupied inside a building, according to internal documents obtained from location data seller CerCareOne.
Some of the bounty hunters then resold the location data to unauthorized third parties, according to multiple independent sources familiar with the company, which survived by keeping itself a trade secret among the bail bondsman and bounty hunter community.
When Vice first exposed telecoms' sale of user data to bounty hunters last month, the telecoms scrambled to frame such abuses as isolated incidents, claiming they ended their relationships with the aggregators when they learned of unauthorized data use, rather than viewing it as standard operating procedure. CerCareOne, however, sold not just cell phone tower data but also highly accurate assisted-GPS (A-GPS) data for five years – from 2012 until the company closed its doors in 2017. Five years of unrestricted data-dealing were enabled by an agreement to "keep the existence of CerCareOne.com confidential," internal documents show.
Charging up to $1,100 per phone location, CerCareOne supplied real-time GPS locations to bail bondsmen, bail agents, and bounty hunters. The company obtained the data from a location aggregator, which received it directly from the various telecoms carriers and packaged it for resale.
“If the carriers are turning around and using that access to sell information to bounty hunters or whomever else, it is a shocking abuse of the trust that the public places in them to safeguard privacy while protecting public safety," said Blake Reid, associate clinical professor at Colorado Law. Reid and Georgetown University Law Center privacy expert Laura Moy both said they had never before heard of a telecom selling A-GPS data.
None of the telecoms denied selling users’ location data when asked, nor would the bail bonds firms listed in the documents disclose whether they had consent to track the phones of users some of them pinged over 18,000 times in one year, though a few bail agents claimed their clients had signed contracts authorizing the agents to track them electronically if they jumped bail.
After the initial revelations last month, over a dozen senators wrote to the telecoms and location aggregators and demanded an FCC hearing on the subject, which FCC director Ajit Pai refused to grant, citing the government shutdown. All three phone companies named in the investigation promised to stop selling location data to aggregators within two months.
Senator Mark Warner blamed the FCC and FTC for their “failure” to address the problem of “companies abusing consumer trust,” while Senator Ron Wyden accused the telecoms of “flagrant, willful disregard for the safety and security of Americans.”