Slashdot Mirror
US Cell Carriers Are Selling Access To Your Real-Time Phone Location Data (zdnet.com)
Four of the largest cell giants in the US are selling your real-time location data to a company that you've probably never heard about before. ZDNet: In case you missed it, a senator last week sent a letter demanding the Federal Communications Commission (FCC) investigate why Securus, a prison technology company, can track any phone "within seconds" by using data obtained from the country's largest cell giants, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary, LocationSmart. The story blew up because a former police sheriff snooped on phone location data without a warrant, according The New York Times. The sheriff has pleaded not guilty to charges of unlawful surveillance.
Yet little is known about how LocationSmart obtained the real-time location data on millions of Americans, how the required consent from cell user owners was obtained, and who else has access to the data. Kevin Bankston, director of New America's Open Technology Institute, explained in a phone call that the Electronic Communications Privacy Act only restricts telecom companies from disclosing data to the government. It doesn't restrict disclosure to other companies, who then may disclose that same data to the government. He called that loophole "one of the biggest gaps in US privacy law. The issue doesn't appear to have been directly litigated before, but because of the way that the law only restricts disclosures by these types of companies to government, my fear is that they would argue that they can do a pass-through arrangement like this," he said. Further reading: The Tech Used To Monitor Inmate Calls Is Able To Track Civilians Too.
Yet little is known about how LocationSmart obtained the real-time location data on millions of Americans, how the required consent from cell user owners was obtained, and who else has access to the data. Kevin Bankston, director of New America's Open Technology Institute, explained in a phone call that the Electronic Communications Privacy Act only restricts telecom companies from disclosing data to the government. It doesn't restrict disclosure to other companies, who then may disclose that same data to the government. He called that loophole "one of the biggest gaps in US privacy law. The issue doesn't appear to have been directly litigated before, but because of the way that the law only restricts disclosures by these types of companies to government, my fear is that they would argue that they can do a pass-through arrangement like this," he said. Further reading: The Tech Used To Monitor Inmate Calls Is Able To Track Civilians Too.
Any sane lawyer could sue all these telecom companies under both the EU GPDR and the US/Canada data treaties.
Your rights don't end at the border, unless you're only an American.
-- Tigger warning: This post may contain tiggers! --
Let me ask about a different situation.
Every day there are private airplanes flying around in our US airspace, who interact with air traffic control (of course), and who can ask that afterwards the records of their tail numbers not get published -- by the government. It could be that a person or company doesn't want people to know where they're going, who they belong to.
Now there are also people who make it their hobby to record the airplanes they see taking off + landing, and share this info with others. There are probably companies who do this too.
Is that illegal? How are you to pass a law against someone getting access to information that could completely legitimately be obtained by someone observing it in person? Does public information fall under the domain of privacy?
That is the problem with privacy -- I don't know that the definition of it is something that can cover purely public information. Not talking about Social Security numbers or personal health data or credit card info.
Is someone's observation of your activities in public, private information?
I suspect this is larger than most people ever imagined. Try this experiment. Have a friend of yours who will be traveling out of state take your credit card with them and use it to make a $200 purchase. It will be declined. Somehow the credit card company knows that you and the card are in different locations.
Or at least I have. I remember being screamed and voted down on Slashdot because I was insisting the GPS and other location data was being accessed and would be given out to just about anyone, panic monger and paranoid lunatic that I am.
Amazing how people don't want to see what is right in front of them.
...that signing several thousand pages of contracts over fifteen different TOU's without reading them could lead to this.
They'll ignore it, or the contract for your phone will require you click through an agreement to let them do as they will. Even if that fails, they'll do it anyway. A fine here and there is nothing compared to the powe of knowing where every person, car, motorcycle and eventually bicycle on the planet is. It's THE power, knowing where everyone is, what they read, what they say, and who they associate with. Every nation on the planet, every corporation, every secret and public police will never let this go. Ever notice how Wikileaks is the only new org on the planet that gets real leaks? There is a reason for that. They brag openly to reporters they don't need a warrant to know who's been talking to them. We are sewn shut.
1.
It's worth noting who's upset about this and for some reason many of the stories don't mention him.
2.
Just in case any of you were still working under the false assumption that it doesn't matter which party you vote for. Keep it in mind as election season approaches.
You are welcome on my lawn.
Any sane lawyer could sue all these telecom companies under both the EU GPDR and the US/Canada data treaties.
Your rights don't end at the border, unless you're only an American.
Umm.. wait, what? "Rights" are a concept granted by the country you're in. They do, literally, end at the border. "Your Rights" become whatever the rights are that are granted to foreigners in the new country you entered if the new country does grant such rights. Do all countries even have the concept of individual rights? If you go to China for Example with the 9mm pistol your home country gives you the right to carry you aren't going to have a good day. If you go to North Korea running your mouth about how their emperor sucks badly... same thing - they don't care about the rights you had when you were in your "home" country. They do care that foreign nationals in those countries don't have the right to do those things.
You say you don't care about your privacy, yet you post as anonymous coward. Interesting.
More like: we have reason to believe you were involved in a crime that happened adjacent to your work/home route. Your cell phone was the closest phone in proximity to the theft, and an eye witness says she can identify the culprit. Please stem this way to the window line up so our witness can identify or exonerate you.
Have fun getting your ass ponded because "the government has no reason to want to hurt me".
We already have limits on how US government can use personal information. The Carpenter Vs US lawsuit will continue to define those limits. We created these protections because we realized that government can use personal information to predict, manipulate, and control us. The combination of powerful government and enabling personal information is a threat to self-determination and rule by consent of the governed.
We have seen many recent examples where powerful modern entities used technology and personal information to predict, manipulate, and control us. FaceBook can predict, control and manipulate us. So can Google, Amazon, Political Action Committees, The Russian Government, advertising agencies, and so on. We need to take further action to protect our unalienable right of self determination. If we fail to act, our society and government continue to transform into "Rule by Manufactured Consent of the Manipulated".
Manipulation is a threat to ourselves and our society. Manipulation advances the goals of the manipulator. Manipulation has no fundamental respect for reality. Past manipulation divorced the victims from reality. Manipulation weakens both individuals and society. Present day manipulation must not be assumed to be legitimate, just because it is cheaper, more effective, more powerful, or wielded by new entities.
Once personal information is collected, it is almost impossible to destroy. It will be monetized. It will leak. It will spread. The cell-phone companies will sell or breech. An Intelligence agency will seize and leak. A well-meaning judge will issue a General Warrant.
For NOW, when you need privacy, you must DITCH THE PHONE.
One path forward is to realize that any personal information that is effective at predicting, controlling or manipulating us IS our identity. As long as this information is effective, and valuable, it is a part of us. We must establish that owning your own personal information is an unalienable right. The right of owning your personal information can not be stolen, seized, legislated or contracted away.
hence... treaties... which extend/grant rights to citizens of other constituencies based upon mutual agreement!!
Rights are not granted by anyone. "We hold these truths to be self-evident, that all men are created equal, that they are endowed, by their Creator, with certain unalienable Rights..." Your rights are something you are born with, and they are numerous beyond counting, and universal, applying everywhere. Governments can only recognize and protect, or ignore and abuse those rights.
The distinction is seriously important.