When Verizon learned of the Securus issue, it took "immediate steps" to stop the misuse of data, the company said in a statement Tuesday. Those types of services can include routing calls to the right facility, fraud prevention and vehicle tracking.
Wyden contacted the major carriers after his probe found that a prison phone company called Securus Technologies with access to such data had allowed law enforcement to use it to track people.
"We are committed to protecting the privacy and security of our customers' location information, and will keep you informed as we execute our plan to terminate these location-based aggregation arrangements with the aggregators", Zacharia wrote.
Securus - a prison telephone company unauthorized to get locations from Verizon - began offering an expanded service letting sheriffs and corrections officers find a user's location without a court order, using data it got from a third party who had gotten it from LocationSmart.
AT&T, Sprint and T-Mobile, for one, jointly have almost 200 million wireless customers who marketers want to reach. Sprint didn't share which firms it works with.
Verizon's decision to choke off data aggregators was applauded by Wyden, who issued a statement: "After my investigation and follow-up reports revealed that middlemen are selling Americans' location to the highest bidder without their consent, or making it available on insecure web portals, Verizon did the responsible thing and promptly announced it was cutting these companies off".
Krebs wrote that tracking firm LocationSmart leaked customer location data from all major USA mobile carriers - AT&T, Sprint, T-Mobile and Verizon - without consent.
Melania Trump's Jacket Appears to Mock The Immigrant Children She Visited
Unsurprisingly, people had strong feelings about the optics of this-including her husband Donald Trump . Donald Trump defended his wife, saying the reference was her response to the " Fake News Media ".
"We're trying to do with right thing for our customers", he said. T-Mobile and Sprint haven't announced any policy changes at this time.
Verizon's letter also said that in addition to obtaining its own customers' consent before collecting the data, the company also looks at the third-party customers of its data vendors to be sure they have not violated consumer privacy or protection rules.
Which sounds good until you consider that the fact that there is clear evidence that the opposite is true and user location data is being freely sold without any such consent. It said it would not authorize any "new uses" of the data while that "transition" went ahead. Rather, it deals with the practice of selling data to third parties with which users have no direct connection.
Sprint, in a statement to The Verge, confirmed that it would be ending the sale of subscriber location data as well. Those regulations were repealed early a year ago with a congressional resolution. Every so often that lack of oversight becomes painfully clear as we just saw with the Securus and Locationsmart scandal, which exposed the location data of roughly 200 million USA and Canadian wireless consumers.
Analysts say it's hard to gauge the size of the location-tracking aggregation market. Zumigo appears oriented to the financial sector, and lists Intel, Wells Fargo and Capital One among investors. Sprint previously suspended all data sharing with LocationSmart on May 25, 2018.
Securus's primary goal is letting inmates communicate with the outside world.