FCC concludes 'one or more' carriers 'violated federal law' selling real-time customer location data

The FCC has found that one or more US carriers broke federal law by selling customer's real-time location data, after an extensive investigation.

As reported by The Verge, FCC chair Ajit Pai has written to the House Energy and Commerce Committee. In that letter Pai stated:

I am writing to follow up on my letter of December 3, 2019 regarding the status of the FCC's investigation into the disclosure of consumers' real-time location data. Fulfilling the commitment I made in that letter, I wish to inform you that the FCC's Enforcement Bureau has completed its extensive investigation and that it has concluded that one or more wireless carriers apparently violated federal law. I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC's rules, including those that protect consumers' sensitive information, such as real-time location data. Accordingly, in the coming days, I intend to circulate to my fellow Commissioners for their consideration one or more Notice(s) of Apparent Liability for Forfeiture in connection with the apparent violation(s).

Now, the letter does not mention by name any US carriers that may or may not be caught up in this. However, the initial report into the story at the beginning of last year named T-Mobile, Sprint and AT&T. A report by Motherboard found that they could pay a Bounty Hunter just $300 to locate a phone using data that had been sold through a supply chain of different companies. None of the carriers contacted at the time denied that they sold location data.

This investigation follows that initial report, confirming what we already knew. The question that remains now is what action will the FCC take against what seems to be a brazen violation of customer privacy and security.