At least one wireless carrier broke federal law by selling wireless subscribers’ real-time location data, the Federal Communications Commission has confirmed, and the agency plans to take action on the violations.

“The FCC’s Enforcement Bureau has completed its extensive investigation and that it has concluded that one or more wireless carriers apparently violated federal law,” said FCC Chairman Ajit Pai in a letter to Congress on the matter. He said that he intends to circulate a notice of apparent liability for forfeiture on the matter, meaning that fines and/or other enforcement action are likely.

“I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC’s rules, including those that protect consumers’ sensitive information, such as real-time location data,” Pai wrote.

Security researchers found in the spring of 2018 that third-party companies such as LocationSmart were sourcing real-time location data from mobile network operators and selling it to non-law-enforcement agencies or individuals, and that related website hacks meant such information could be accessed for free. Press reports from Motherboard in January 2019 highlighted the use of this data to locate individual phones for as little as $300.

“It’s chilling to consider what a black market could do with this data. It puts the safety and privacy of every American with a wireless phone at risk,” said FCC Commissioner Jessica Rosenworcel in a statement. “Millions and millions of Americans use a wireless device every day and didn’t sign up for or consent to this surveillance. It’s a shame that it took so long for the FCC to reach a conclusion that was so obvious.”

According to a Reuters report, U.S. Senator Ron Wyden said on Friday he was “eager to see whether the FCC will truly hold wireless companies accountable, or let them off with a slap on the wrist.”

The post Pai: Carriers misused subscribers’ real-time location data appeared first on RCR Wireless News.