As we've noted a
few times now, however bad the recent Facebook and Cambridge
Analytica scandal was, the nation's broadband providers have routinely
been engaged in much worse behavior for decades. Yes, the Cambridge and
Facebook scandal was bad (especially Facebook threatening to sue news
outlets that exposed it), but the behavior they were engaging in is the norm,
not the exception. And watching people quit Facebook while still using a
stock cellphone (which lets carriers track your every online whim and
offline movement) was arguably comedic.
As the recent Securus
and LocationSmart scandal highlights, wireless
carriers pretty routinely sell your location data to a laundry list of
companies, governments, and organizations with only fleeting oversight.
And while some lawmakers are pressuring the FCC to more
closely investigate the scandal (which resulted
in the exposure of wireless location data of some 200 million users in
the U.S. and Canada), few expect the same FCC that just killed net
neutrality to actually do anything about it.
When the previous FCC tried
to pass some pretty modest privacy protections last year requiring that
ISPs be more transparent about all of this, ISPs quickly took advantage
of a cash-compromised Congress to scuttle those protections before they
could even take effect:
This collective apathy to
routine telecom sector privacy abuses has been going on for decades. You
might recall that multiple ISPs were accused years ago of collecting and
selling consumer clickstream data. When they were pressed for details,
many simply either denied doing it or refused
to respond. As more sophisticated network gear like deep-packet
inspection emerged, ISPs began tracking and selling your online browsing
habits down to the millisecond, some even charging
users extra if they wanted to protect their own
privacy.
But things got immeasurably
more profitable once wireless carriers began tracking user location
data, which they now sell to everyone from urban planners to government
agencies. Companies like Verizon Wireless were subsequently caught
covertly modifying wireless user data packets to track users around the
internet without telling them. It took security researchers two years to
even discover
this was happening and another six months of
public shame before Verizon even provided an opt out option (a more
powerful version of the tech is now being used by Verizon's Oath
advertising brand).
And yet even in the wake of
the LocationSmart fracas, which literally exposed the private data of
nearly everybody in America, we're still somehow only seeing a
fraction of the media, regulatory or public outrage we
saw during the Facebook and Cambridge kerfuffle:
"You might think that
the major wireless carriers would be facing intense pressure to
account for their lax handling of customers’ data. You might think
the story would be all over newspapers’ front pages and cable news.
You might think their CEOs would be hounded by the media, as
Facebook’s Mark Zuckerberg was after the Cambridge Analytica story
broke. You might think they’d be dragooned into testifying before
Congress.
You might think that,
if you expected a reaction commensurate to the one that accompanied
the Cambridge Analytica revelations. And it’s conceivable that it
will still happen. But so far, there has been none of that."
It remains odd that the
press and public still don't realize how deep this particular rabbit
hole goes. And whereas the Cambridge scandal made headlines for months,
the location data scandal has barely registered a fraction of the
collective outrage in media coverage or in DC. Meanwhile, wireless
carriers are effectively
refusing to even acknowledge they work with
companies like LocationSmart, and there's little to no indication
accountability is heading their direction anytime soon.