FCC proposes fines against T-Mobile, AT&T, Verizon, Sprint

By Jaclyn Jaeger2020-02-28T20:54:00+00:00

No comments

The Federal Communications Commission on Friday announced it has proposed fines against the four largest wireless carriers in the United States for allegedly selling access to their customers’ location information without taking reasonable measures to protect against unauthorized access to that information.

Among the fines that the FCC has proposed include:

$91 million proposed fine against T-Mobile;
$57 million proposed fine against AT&T;
$48 million proposed fine against Verizon; and
$12 million proposed fine against Sprint.

The FCC said the size of the proposed fines differ based on the length of time each carrier allegedly continued to sell access to its customer location information without reasonable safeguards and the number of entities to which each carrier continued to sell such access.

The FCC’s Enforcement Bureau said it opened the investigation following public reports that a Missouri sheriff used a “location-finding service” operated by Securus, a provider of communications services to correctional facilities, to access the location information of the wireless carriers’ customers without their consent between 2014 and 2017.

Under the Communications Act, telecommunications carriers are required to protect the confidentiality of certain customer data related to the provision of telecommunications service, including location information. The FCC’s rules make clear that carriers must take reasonable measures to discover and protect against attempts to gain unauthorized access to this data.

The rules also require that carriers or those acting on their behalf generally must obtain affirmative, express consent from a customer before using, disclosing, or allowing access to this data. Carriers are liable for the actions of those acting on their behalf.

All four carriers—T-Mobile, AT&T, Verizon, and Sprint—sold access to their customers’ location information to “aggregators,” who then resold access to such information to third-party location-based service providers, like Securus, the FCC said. “Although their exact practices varied, each carrier relied heavily on contract-based assurances that the location-based services providers (acting on the carriers’ behalf) would obtain consent from the wireless carrier’s customer before accessing that customer’s location information,” the FCC said.

The agency added, that, although the carriers had several commonsense options to impose reasonable safeguards—such as verifying consent directly with customers via text message or app—the carriers failed to take the “reasonable steps needed to protect customers from unreasonable risk of unauthorized disclosure,” the FCC said.

The wireless carriers will now be given an opportunity to respond, at which time the FCC will consider the parties’ evidence and legal arguments before taking further action.

Jaclyn JaegerJaclyn Jaeger is an editor with Compliance Week and has written on a wide variety of topics, including ethics and compliance, risk management, legal, enforcement, technology, and more.

Topics

No comments

Article
T-Mobile data breach: A cautionary tale for all companies
2020-03-06T19:11:00Z
For the second time in a matter of four months, T-Mobile announced it has suffered a data breach. Cyber-security experts say it’s a cautionary tale about the vulnerabilities of e-mail accounts that are not properly secured.
Article
DOJ joins SFO in corruption probe of Bombardier
2021-05-10T17:51:00Z
The U.S. Department of Justice has joined the U.K. Serious Fraud Office in an ongoing investigation into plane maker Bombardier over suspected bribery and corruption relating to contracts and orders from airline carrier Garuda Indonesia.
Article
DOJ closes FCPA investigation into Pactiv Evergreen
2021-05-10T15:57:00Z
Pactiv Evergreen said it will not face an enforcement action by the Department of Justice, following an internal investigation launched last year into potential violations of the Foreign Corrupt Practices Act.

No comments yet

You're not signed in.

Only registered users can comment on this article.

More Regulatory Enforcement

Article
Monitor certifies MoneyGram’s AML program after lengthy DPA
2021-05-06T19:42:00Z
MoneyGram International stated in a regulatory filing it has fulfilled its obligations under a DPA it entered with the Department of Justice eight years ago, and its AML program was given a thumbs-up by its compliance monitor.
Article
Norway’s DNB fined $48.1M for AML violations
2021-05-04T16:39:00Z
DNB ASA, Norway’s largest financial services group, will pay a fine of NOK 400 million ($48.1 million) for failing to adhere to Norwegian Anti-Money Laundering Act standards.
Article
Under Armour to pay $9M to settle SEC accounting probe
2021-05-04T14:33:00Z
Under Armour agreed to pay $9 million to settle charges brought by the SEC concerning accounting practices by the sports apparel company that rendered statements it made misleading.

Learn from the latest headlines and protect your company today

FCC proposes fines against T-Mobile, AT&T, Verizon, Sprint

Topics

Related articles

T-Mobile data breach: A cautionary tale for all companies

DOJ joins SFO in corruption probe of Bombardier

DOJ closes FCPA investigation into Pactiv Evergreen

No comments yet

Only registered users can comment on this article.

More Regulatory Enforcement

Monitor certifies MoneyGram’s AML program after lengthy DPA

Norway’s DNB fined $48.1M for AML violations

Under Armour to pay $9M to settle SEC accounting probe