Snippet: T-Mobile, Sprint, and AT&T Are Selling Customers’ Real-Time Location Data ☇

Shared on January 8, 2019

Joseph Cox for Vice/Motherboard:

Nervously, I gave a bounty hunter a phone number. He had offered to geolocate a phone for me, using a shady, overlooked service intended not for the cops, but for private individuals and businesses. Armed with just the number and a few hundred dollars, he said he could find the current location of most phones in the United States.

The bounty hunter sent the number to his own contact, who would track the phone. The contact responded with a screenshot of Google Maps, containing a blue circle indicating the phone’s current location, approximate to a few hundred metres.

Queens, New York. More specifically, the screenshot showed a location in a particular neighborhood—just a couple of blocks from where the target was. The hunter had found the phone (the target gave their consent to Motherboard to be tracked via their T-Mobile phone.)

The bounty hunter did this all without deploying a hacking tool or having any previous knowledge of the phone’s whereabouts. Instead, the tracking tool relies on real-time location data sold to bounty hunters that ultimately originated from the telcos themselves, including T-Mobile, AT&T, and Sprint, a Motherboard investigation has found. These surveillance capabilities are sometimes sold through word-of-mouth networks.

Even though we generally think of companies like Facebook, Google, Twitter, Uber and others doing scummy things with our data for the sake of selling highly-targeted advertising, this is significantly worse. Unfortunately, we live in a world where nobody seems to even care, so I suspect the outrage will probably just stay around the tech circles—the only carrier not included is in this investigation is Verizon, but I wouldn’t be surprised if they aren’t completely innocent. I hope I’m proven wrong.

Snippets are posts that share a linked item with a bit of commentary.