Apple takes careful steps to protect your location data, requiring apps to ask for permission to access it, and allowing you to decide whether to permit foreground or background access – as well as displaying which apps have recently accessed your location.
But these protections are of limited value if carriers sell your location to third-party companies, which both legal experts and a senator say is the case today …
The WSJ says that carriers – who can calculate your approximate position from cell tower data, without requiring access to your phone’s GPS – are sharing location data without checking that users or courts have authorized it. Instead, they take the word of dozens of third-party companies who are given the data without checking the claimed permissions.
The security failure came to light after one of those companies, Securus, allowed law-enforcement agencies to track locations of suspects without making any attempt to verify claimed court orders. Law professor Blake Reid said that all they checked was that a document had been uploaded.
Another law expert said that ‘this is just the tip of the iceberg’ when it comes to this type of privacy breach. Stanford University law professor Al Gidari agreed, stating that the FCC failed to consider location data when drawing up privacy regulations imposed on carriers.
Senator Ron Wyden (D, Oregon) said that Verizon had admitted that customer location data was shared with around 75 companies.
The FCC says that it is investigating.
