The Federal Communications Commission (FCC) has sent letters of inquiry to the top 15 mobile providers seeking details about their data retention and data privacy policies and general practices.
In the letters, FCC Chairwoman Jessica Rosenworcel questions each carrier’s policies concerning geolocation data, including how long geolocation data is retained, as well as details on the current safeguards to protect this sensitive information.
The letter also asks each carrier to detail processes for sharing subscriber geolocation data with law enforcement and other third parties. Additionally, the letters seek details on whether and how carriers notify consumers when their geolocation information is shared with third parties.
“Mobile internet service providers are uniquely situated to capture a trove of data about their own subscribers, including the subscriber’s actual identity and personal characteristics, geolocation data, app usage and web browsing data and habits,” the letters point out.
Mobile carriers have until August 3 to respond.
“The highly sensitive nature of this data—especially when location data is combined with other types of data—and the ways in which this data is stored and shared with third parties is of utmost importance to consumer safety and privacy,” Rosenworcel added in the letter.
This latest FCC mobile privacy probe is consistent with previous agency action to protect consumers’ location-based data. In February 2020, the commission held the nation’s four largest wireless carriers responsible for more than $200 million in fines for selling access to their customers’ location information without taking reasonable measures to protect against unauthorized access to that information.
The letters follow up on a Notice of Proposed Rulemaking (NPRM) the FCC issued earlier this year that was designed to start the process of strengthening the agency’s requirements for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI).