
US cell carriers are selling access to real-time phone location data - voctor
https://www.zdnet.com/article/us-cell-carriers-selling-access-to-real-time-location-data/
======
random6547545
Throwaway account.

I work in location / mapping / geo. Some of us have been waiting for this to
blow (which it hasn't yet). The public has zero idea how much personal
location data is available.

It's not just your cell carrier. Your cell phone chip manufacturer, GPS chip
manufacturer, phone manufacturer and then pretty much anyone on the installed
OS (android crapware) is getting a copy of your location data. Usually not in
software but by contract, one gives gps data to all the others as part of the
bill of materials.

This is then usually (but not always) "anonymized" by cutting it in to ~5
second chunks. It's easy to put it back together again. We can figure out
everything about your day from when you wake up to where you go to when you
sleep.

This data is sold to whoever wants it. Hedge funds or services who analyze it
for hedge funds is the big one. It's normal to track hundreds of millions of
people a day and trade stocks based on where they go. This isn't fantasy, it's
what happens every day.

Almost every web/smartphone mapping company is doing it, so is almost everyone
that tracks you for some service - "turn the lights on when I get home". The
web mapping companies and those that provide SDKs for "free". It's a
monetization model for apps which don't need location. That's why Apple is
trying hard to restrict it without scaring off consumers.

~~~
heurist
I'm in the space as well. I've tried telling my congressmen but they ignore
me. I'm waiting for the backlash, especially will all the recent privacy
issues. It hasn't happened yet and the problem is so large that I honestly
doubt whether the public will ever truly grasp what the scope.

The advice I always give when this topic comes up us to be very careful with
what you install on your phone. The least expensive mobile location data tends
to come from random apps collecting the data to sell it, and ad networks.
Permission to use your GPS is permission to track you until you uninstall the
app.

~~~
hunter23
Can you name and shame the congressmen that ignore you?

Or can you make a tip to one of the newspapers? Given the facebook privacy
news saga this might get picked up.

~~~
criddell
I don't think naming and shaming will do anything, but maybe when somebody's
location data embarrasses them, they will do something about it. I think a
good analogy is the Video Privacy Protection Act.

------
addflip
It's funny that this is coming up now. The other day I was on the phone with
Geico's roadside assistance and they wanted to know my location. I told them I
didn't have their app downloaded, they said it wasn't a problem and they could
get it without it. Sure enough they could. I checked their disclaimers [1] and
they purchase the data from my cell carrier. They didn't even have to know
which one.

[1] [https://www.geico.com/web-and-mobile/mobile-apps/roadside-
as...](https://www.geico.com/web-and-mobile/mobile-apps/roadside-assistance/)
(see disclaimers at the bottom)

~~~
limsup
Wow. The fact that they can just get this with "oral approval" (relayed by
them to your carrier) is shocking to me. This is ridiculous.

~~~
jellicle
They don't need oral approval or any approval. GEICO is only asking so that
their customers won't freak out when GEICO magically knows where they are. The
customer service rep probably had the data up on their screen already when
they asked.

~~~
trendia
I wonder if they use this data to price insurance -- they would easily know
when their drivers are going over the speed limit (or, if such data is not so
precise, if their average speed over 10 minutes exceeded the speed limit).

~~~
ThrustVectoring
More likely is approximating number of miles driven and price discriminating
based off that. More miles driven = more risk of an auto accident. Basically
pay-per-mile car insurance, but hidden.

~~~
pathseeker
How do they know you are driving? Seems too error-prone to be useful.

~~~
ThrustVectoring
They don't need to know you are driving to do price discrimination. They could
just as well take the zip codes where you live and work and assume you're
driving, and make a profit giving discounts to folks with a shorter commute
regardless of whether or not they actually drive it.

------
8_hours_ago
I believe the relevant T-Mobile privacy policy (that I _definitely_ read
before signing up...) is:

"With your consent. We may provide location-based services or provide third
parties with access to your approximate location to provide services to you."
[https://www.t-mobile.com/company/website/privacypolicy.aspx](https://www.t-mobile.com/company/website/privacypolicy.aspx)

That is why a text message confirmation is required to get a cell phone's
location from
[https://www.locationsmart.com/try/](https://www.locationsmart.com/try/)

For those on T-Mobile, there are privacy settings that can be adjusted here:
[https://my.t-mobile.com/profile/privacy_notifications/advert...](https://my.t-mobile.com/profile/privacy_notifications/advertising)
I already had all of them disabled, and I was still able to get the location
of my cell phone from LocationSmart.

I chatted with T-Mobile support yesterday to see if I could opt-out of them
sharing my data. Not surprisingly, the support agent was less than helpful.
"Don't worry, your data is secured"

Are there any US carriers that respect privacy and _do not_ share private
information with 3rd parties? Or is that a pipe dream?

~~~
mohaine
Well, the locationsmart fails completely on my Google fi phone.

~~~
dylz
Are you using your Google Voice number? Fi numbers are GV and in cloud.

Somewhere in your sim/about under settings you can find your underlying phone
numbers for Sprint/TMO that you can look up.

~~~
8_hours_ago
I would be interested to know about that... I don't see anything mentioned in
the Project Fi Terms of Service
([https://fi.google.com/about/tos/](https://fi.google.com/about/tos/)) about
Sprint, T-Mobile, or US Cellular. I assume that by signing up with Fi you are
also subject to each of their privacy policies, but I'd be happy to be
corrected!

~~~
dylz
My fi number has always been blocked from everything (banking, paypal,
whatsapp, etc) for being VOIP. Doing some xda-dev stuff, I see two separate
underlying numbers for the two profiles. I can't receive texts on either of
them.

------
emodendroket
> Kevin Bankston, director of New America's Open Technology Institute,
> explained in a phone call that the Electronic Communications Privacy Act
> only restricts telecom companies from disclosing data to the government. It
> doesn't restrict disclosure to other companies, who then may disclose that
> same data to the government.

It seems like intelligence services spend a lot of their time dreaming up ways
to do an end-run around the law. This is the same reason US intelligence does
partnerships with foreign intelligence services.

~~~
dwighttk
I'd rather them try to do end-runs around the law than run it up the gut...
(If I had to choose)

~~~
risotto_groupon
Just think of how amazing the museum will be for your great grandkids when we
completely dismantle them when, inevitably, their stated mission goals
supersede common sense and a responsible relationship to the American public.

~~~
nojvek
I doubt any of the privacy invasions are going anytime soon.

The big tech cos pull in ~100B in revenue precisely because they can
capitalize on the data.

As long as there is crazy amount of money to be made, it will keep on getting
worse. Having hope on the US govt to do anytime is wishful thinking. Govt and
corporations are hell bent on knowing everything about you. It gives them the
power.

~~~
risotto_groupon
[http://www.stasimuseum.de/en/enindex.htm](http://www.stasimuseum.de/en/enindex.htm)

------
kevcampb
Carriers have been providing these services to 3rd party providers since at
least 2006

[https://www.theguardian.com/technology/2006/feb/01/news.g2](https://www.theguardian.com/technology/2006/feb/01/news.g2)

A few points to note:

* Obtaining consent is entirely left to the provider to implement. It does not appear to have any auditing. A provider can query any number they like.

* The opt-in process used by many providers is easy to exploit, by spoofing SMS replies or abusing the SMS template so that the surveillance target does not get notified

* The providers have are well aware of the potential to exploit this and have been for some time. It has never been resolved in over 10 years.

~~~
fixermark
Is it even considered an exploit?

It's a cell carrier providing data about the radio communications between
hardware they own and someone else. At a moral level, seems somewhat
equivalent to a web server providing data about clients that access the
server.

To opt out, stop using some third-party corporation's owned hardware to route
your communications near lightspeed around the world. Hey, the Amish
communities may have something in their overall philosophy of "Don't be
beholden to strangers who aren't part of your community."

~~~
kevcampb
I'm not clear if you missed the point here? This isn't aggregate data, it's
obtaining the location of a specific individual just by knowing their phone
number. It can be done without their knowledge or consent.

By your webserver analogy, the equivalent would be more akin to google
publishing the contact details and search queries of anyone using the service.

------
itchyjunk
I am starting to wonder what all have I consented to? Every week I learn I
have consented to this and that because of a news article as I never read
those contracts or TOS. I wonder if there will be a way to phrase long
contracts into bullet list of ideas for someone simple minded like me in the
near future.

~~~
Sharlin
One of the things that GDPR requires is real informed consent, small print
hidden inside a thirty-page EULA is not acceptable.

~~~
mtgx
And unlike some of the recent proposals in the U.S., it's generalized to all
industries.

------
code4tee
I was aware the cell phone companies were selling anonymized data for some
time (not revealing the numbers and adding some jitter to the location data to
avoid identifying users).

This is the first I’m hearing that they’re releasing detailed personal
tracking by phone number. When I sat in on a recent presentation with Verizon
execs they flat out said they were not doing this. Oops.

------
Qwertie
The worst part is there isn't any possible way I know of to defend yourself
against this other than not having a phone.

~~~
adventured
Until/unless they modify the law - turning off your phone thwarts it. While
your phone is powered off, it has no ability to track & record your location
movements. Obviously your active location will then be picked back up after
you power it on, it won't have a record of anything inbetween.

A simple example of limiting the invasiveness using this approach, would be to
have your phone on only at work & home, or similar. In absence of phone
snooping, someone can already easily locate you at those two standard
destinations, and can easily discover when you'd typically be at those places
(ie you're not giving them much by using your phone there under normal
circumstances).

~~~
gm-conspiracy
So, use Google voice or setup your own w/ Twilio (try all numbers), and have a
work cellphone and a home cellphone, a one-way pager (for when you are
traveling), and another travel phone without a battery that you would use if
necessary, based on the pager message?

------
assblaster
The most obvious use of the data appears to be by credit card companies to
detect fraudulent use of a card and decline those transactions. This is
something I'm relatively comfortable with, though it's plainly in the
interests of the bank and I only indirectly benefit from the tracking.

~~~
pdkl95
The most obvious use is insurance companies looking for excuses to deny
claims.

~~~
dspillett
As blocking fraudulent claims could remove a reason for my premiums to he
higher, I can't say I'm against that.

With the caveat, for course, that people are not always where their phone is
so this taken on its own would be circumstantial evidence: one would hope
decisions are not made directly based on this information.

~~~
nojvek
It’s not in the interest of insurance companies to lower premiums. They only
do it if competition is eating them alive. Geico has been raising their
margins ever so slightly. I bet they are also the purchasers of ungodly
amounts of data for targeting marketing.

Insurance companies #1 goal is to make maximum profits for their shareholders
without getting caught with their pants down.

~~~
vuln
GEICO is a private company. There are no shareholders. GEICO is owned by
Birkshire Hathaway which is owned by Warren Buffett.

I am sure your point is still valid with publicly traded insurance companies.

[http://investsnips.com/complete-list-of-insurance-
companies-...](http://investsnips.com/complete-list-of-insurance-companies-
listed-on-u-s-exchanges/)

~~~
jogjayr
> GEICO is owned by Birkshire Hathaway which is owned by Warren Buffett.

Berkshire Hathaway is publicly traded. Warren Buffet owns 36.8% of it.[1]

1\.
[https://en.wikipedia.org/wiki/Berkshire_Hathaway](https://en.wikipedia.org/wiki/Berkshire_Hathaway)

------
entrypoint0
Two related stories:

I went to a recruiting event in 2013, or 14 perhaps, for a major telecom
network in Canada. They were proudly showcasing their ability and interest to
analyze people's data. I was shocked, so I spoke to the hiring manager:

"You should be concerned about google and Microsoft, they have much more data"
he said. They do, but much less sensitive data. And I am paying you! And
google gives me free excellent services. You are an expensive oligopoly with
not the best customer protection track record.

2\. I had a free modem from a major network that came with the internet. I
used the modem at another location while I was away. I got charged for my
usage! The modem was not just a modem, it was sensing more information to
their system. That is how they tracked my usage, if that is the only thing
they tracked. Their technical customer service avoided any form of discussion.
Cancelled my internet line with them, and using VPN for trackable stuff ever
since.

I am seriously considering cancelling my cell phone until their practices
changes.

------
lolc
The way I understood it is that the requester of the location is trusted to
have gotten consent from the subject of the query. The providers will answer
any queries.

So Securus works on the "we're sure our customers are getting consent for
their inquiries" presumption. What are the consequences if a company is found
to not have gotten consent? Business sense dictates there to be no consequence
at all if Securus can avoid it.

The way this should work is that the carriers can get permission to share
location data with third-parties. They should not do it without having gotten
permission from their customer. But then they probably get that when you sign
the contract. Or do they just not mention it?

------
knodi
Carriers are also selling your billing records. They offer a service to return
the carrier billing address/name based on the mobile number.

Not only this but late last year all 4 of the major US carriers are offering
APIs to convert mobile IP to a billing record (name/address/phone number).

~~~
cascom
This is even more disconcerting - just out of curiousirty what does this cost?

~~~
knodi
9c on the high end, under a 1c on the low end (with volume/long term
commitment)

------
braunshedd
Previously discussed yesterday, and again two days before that:
[https://news.ycombinator.com/item?id=17069459](https://news.ycombinator.com/item?id=17069459)

This is one of the reasons I use a public-facing Twilio number, which forwards
to a private number which I never hand out.

This isn't something that people should have to do to opt-out of tracking like
this, but it doesn't seem like there are many other reliable options.

~~~
rando444
If you take that cell phone home with you regularly and don't live in a multi-
unit building, it would be relatively trivial to figure out your identity
using this data.

~~~
braunshedd
Undoubtably. Not a strong protection against doxxing, but might offer some
semblance of protection from 'drive-by-lookups'. With a modern smartphone and
location services, there's only so much you can do.

------
baxtr
What if I as an European visit the states? Am I protected by through some
agreements with my local provider or even GDPR?

~~~
chillingeffect
Through FISA, all foreigners are legal monitorable, no matter what.

This is part of how US mass surveillance works. We record _everything_ and if
it turns out to be a citizen, we're supposed to throw it out. Of course in
reality, it goes to the Parallel Construction Department who uses the
information to build a case against someone through other means, knowing the
answer in advance.

~~~
willstrafach
> Of course in reality, it goes to the Parallel Construction Department

Not the case. US Person Information cannot be queried. You are referring to a
practice used against foreign targets to obfuscate methods of surveillance
(Reasonable folks can object to this as well of course - my only point is that
your portrayal is not accurate).

------
kurthr
I wondered how the spam callers knew what area code I was in while traveling
out of state.

I would assume that through clustering analysis (eg coworkers/friends travel
together) even fairly coarse position data can allow you to construct
relationships. Then they can spam/fish both you end your coworkers with the
same fake number. That makes it seem more important to answer and more
organic.

~~~
wpietri
A friend of mine just got back from NYC and then received a fake call from an
NYC area code. I get several every day from random area codes, and we had to
wonder whether it was coincidence or not.

------
wmeredith
Anyone have a link to jeans with faraday pockets?

~~~
dhimes
Would airplane mode work?

~~~
metalliqaz
Airplane mode would work, yes. But it only works against the cell provider.
The on-phone GPS can still work and sync the data later.

~~~
hanspeter
I would imagine the airplane mode deactivates GPS signal recipience?

~~~
ThinkingGuy
I can confirm that it doesn't, at least on the iPhone 7. I recently took one
on an overseas trip and left it in airplane mode the whole time. The photos I
took during the trip were all properly geotagged.

------
TangoTrotFox
Another 'fun' implication of this are the increasingly large number of sites
that try to obtain your phone number either through SMS messages during
account setup, two factor authentication, or any other number of ways. The
accounts you have on those sites link directly to your physical presence.
Taking it one small step further, any accounts on other sites you have linked
to those accounts are similarly effected. Taking it one step even your dynamic
IP address at any given moment can end up working as a physical identifier.

The amount of information the NSA has on people is going to be phenomenal.
It'd be interesting to be able to glimpse the data just to see how much we all
give away. Here's to hoping we never once ever end up putting a 'bad' person
in high office because the amount of targeted damage somebody could do with
this information is just staggering to even consider.

------
cyanbane
Does anyone know of a way you can request consent status from your service
provider?

~~~
erikpukinskis
Send a letter to their legal department requesting the information.

------
gpvos
_> the Electronic Communications Privacy Act only restricts telecom companies
from disclosing data to the government. It doesn't restrict disclosure to
other companies_

Clearly the US has their priorities completely the wrong way.

~~~
RubenSandwich
Part of the American mythology is that government involvement is always bad.
It's hard for me to know if this developed because of the myths of the America
Revolution, that a small colony won it alone and not because of external
factors, and how much is due to people preaching small government politics.
Regardless a distrust of the government seems to be ingrained in the American
psyche IMO.

~~~
stevehawk
Ahaha what? There's no myth that we won it alone. Elementary school texts on
the subject lay it out fairly clearly that we did it with the French.

~~~
RubenSandwich
They may talk slightly about the French help but none talk about The
Spanish[1] also England was having trouble recruiting for the unpopular war so
much so that about ~1/3 of the British fighting forces were mercenaries[2].
The Revolutionary war was won basically because the British Empire was
starting to show it's cracks and other countries jumped at the chance to speed
up it's demise.

[1]
[https://en.wikipedia.org/wiki/Spain_and_the_American_Revolut...](https://en.wikipedia.org/wiki/Spain_and_the_American_Revolutionary_War)
[2]
[https://en.wikipedia.org/wiki/American_Revolutionary_War#Rec...](https://en.wikipedia.org/wiki/American_Revolutionary_War#Recruitment)

~~~
specialp
There's no doubt that those were factors that aided. As always nothing in
world history happened due to a singular factor or cause. But it is not
mythology that a lot of brave and enlightened people fought an empire and have
become a very successful country. What next? Are we to discount the Allies win
over the Axis because well the Third Reich was worn down due to fighting in
Russia? I am a US born citizen and criticize our country quite a bit, but it
is insulting to say that the uprising here wasn't the main factor in us
achieving our independence.

------
Horatio9000
There was mild discontent when the Data Retention laws [1] were being rolled
out across the EU in the early 2010s. This was a legal harmonization of
existing collection practices for law enforcement purposes. It did receive a
lot of press coverage and some small protests (even though in reality the
collection was already widespread).

In 2009, Malte Spitz (German Green Party politician) sued his telecom provider
for all the information they had stored on him in the last 6 moths. He and
others made a good (and spooky) visualization showing how it tracked his
entire life [2]. He did a TED talk about it [3], which received a spirited
applause and unfortunately minor press coverage.

I think many naively bought the idea that all this detailed data was only for
LE (maybe a side effect of all the reporting on the Data Retention Laws?),
despite constantly seeing clauses in their EULA's saying their data will be
shared with third parties.

\----

People only care about these issues once they become evident and widespread,
and they personally are affected. I remember the shock my friends had when
Google Maps released the location history feature. Up until then, its just a
theoretical concern.

Good demonstrations, hard hitting expositions and good press coverage are
essential.

\----

[1] -
[https://en.m.wikipedia.org/wiki/Data_retention](https://en.m.wikipedia.org/wiki/Data_retention)

[2] - [https://www.zeit.de/digital/datenschutz/2011-03/data-
protect...](https://www.zeit.de/digital/datenschutz/2011-03/data-protection-
malte-spitz)

[3] - [https://youtu.be/Gv7Y0W0xmYQ](https://youtu.be/Gv7Y0W0xmYQ)

------
noobermin
Turns out that Stallman was right.

------
mancerayder
The individual rights under the Constitution have been deemed, in the U.S., to
only apply to government and government institutions.

The private companies are exercising their free market rights, unfettered by
inconveniences like privacy rights, and thus can (as per the article and the
random65... whistleblower user at the top of this thread at the time of this
writing) track behavior and sell the data.

Therefore, does it follow that government canNOT be the buyer of such data?
That police departments or the FBI or others cannot access this data?

Is there a Chinese Wall in place to prevent such things from happening. Or...?

------
jiveturkey
> _one of the biggest gaps in US privacy law._

Gaps? How about lack of?

[https://content.next.westlaw.com/6-502-0467?transitionType=D...](https://content.next.westlaw.com/6-502-0467?transitionType=Default&firstPage=true&bhcp=1&contextData=\(sc.Default\))

General Laws: Not Applicable.

Sectoral Laws: There is no national law.

\----

How outrageous and disgusting that congress can make a big show of questioning
facebook over privacy, when they don't have the courage to pass even moderate
data privacy laws. How much do you want to bet this location data will be
ignored by congress?

------
turdnagel
I met a high-level executive at Ericsson who told me that he had met with Tim
Armstrong (CEO of AOL) could make $5 billion more a year if he had access to
location data with <50m accuracy.

------
fixermark
So as a private citizen, I can pool some money and get the same level of
tracking that American intellignece services have of individual cell hardware?

Sounds like a win for the citizens.

------
jhowell
> Cook: What would he do if he were Facebook CEO Mark Zuckerberg? His answer:
> “I wouldn’t be in this situation.”

Sounds like one of those situations to me...

------
Steeeve
It's funny to me that this is news to anyone. This has been going on for quite
some time - at least the length of my career. For the longest time it was wide
open for anyone to access who had an inkling of knowledge about how mobile
devices worked.

Did this _never_ come up at defcon or in an issue of 2600? Are people really
_that_ focused on web security?

------
wpdev_63
When are we going to wake up and reform privacy laws?! This cannot be the new
norm.

Something about this has to be illegal.

~~~
trystero
Have you heard of our lord and saviour, GDPR?

~~~
wpdev_63
This article is about the US telecoms

------
yawz
Isn't this covered under CPNI [1]? Something that consumers can opt out?

[1]
[https://www.wikiwand.com/en/Customer_proprietary_network_inf...](https://www.wikiwand.com/en/Customer_proprietary_network_information)

------
Rjevski
This exploits a vulnerability in the SS7/MAP protocols that power mobile
networks worldwide; the cooperation of the carrier isn't even required (even
if carriers were against this; bad actors can and will get this data anyway).

~~~
willstrafach
You are referring to the command used to request where to route an SMS
message, I assume? If so, carriers can (and have been albeit very slowly)
restrict this activity so it is less of a free-for-all.

That said, it seems they are intentionally selling this data as well, which is
a whole new issue.

------
BigBalli
After reading this post a couple hours ago, I was able to play around with
LocationSmart's API. Indeed seems quite powerful/comprenhensive. As of an hour
or so, they took down their try/demo webpage and related open API.

------
kylehotchkiss
Don't banks use this data when you create an account nowadays too? I just
created a capital one account and they were actually pretty transparent that
they'd be checking the location of my phone via carrier.

------
g8oz
I assume this is how we get real-time road traffic information, is it not?

------
mastofaces
I tried location smart website said location accuracy was up to 14 miles off.
They were really 4 miles off. So not that accurate. If it was 2 blocks like
other poster I'd be worried.

------
JudasGoat
It is very tempting to go full "tin foil hat" at this point. I am seriously
considering removing my cell battery and powering it up semi hourly to check
for messages.

~~~
dredmorbius
How much do you typically move in 30 minutes?

------
toetied
i havent read all 504 comments, and dont plan to, but this should come as no
suprise to anyone, unfortunatly it does. cogress, dc, will not help there is
too uch to gain, posting the info in real time of the ones in power, will
shine a light on the issue, they will make it look like this has been taken
care of-while it continues. the ONLY solution in my opinion its a revolt-
against big data/tech, not a boycott, and exodus to DIY open source tech.

------
AlexCoventry
Does disabling the location data via the settings make any difference, and is
there an app which will turn off location data after a set period?

~~~
thsowers
No, I tried with my number, all location data off. GPS landed right on my
house, very room phone was in.

------
jobigoud
The article mentions banks tracking your credit card usage to detect fraud.
Are there known instances of banks reselling this location data?

------
yosito
Has anyone suggested a practical way that people can avoid being tracked?
(Aside from Airplane Mode or keeping your phone in a Faraday Cage)

~~~
mLuby
I see a lot of suggestions about reducing or shutting off your signals, but
what about _boosting_ them in certain directions? As far as I understand cell
tower triangulation, having a stronger signal in one direction might offset
your calculated position in that direction. I wouldn't expect that to decrease
connectivity, just require special equipment and more battery life.

~~~
yosito
Interesting concept, although I don't even want my general vicinity to be
tracked or shared without my consent.

------
8bitsrule
Once the books are all burned, there will be no more book-burnings.

------
thr0waway999
Isn't this how teralytics.net gets the data it sells?

------
m3kw9
Isn’t carrier IQ been always doing that?

~~~
Someone1234
Carrier IQ was far more invasive than just location. Their "Experience
Manager" was supposedly tracking every app launch, time spent in that app,
metrics on key & button presses within that app, and other misc interactions.

They got accused of being a "keylogger" which they rightly said they weren't,
but that ignores how invasive and creepy Experience Manager was (is?). Their
whole argument was that carriers can use this app data to see what apps are
draining battery, which is kind of bs since carriers are in no position to
resolve battery issues or advise customers.

The reality is that carriers wanted more information on how customers were
using their devices, Carrier IQ provided that raw data, and both got rich.
They survived the scandal because the critics focused on keylogging, instead
of the highly invasive usage analytics which it really was.

------
0xb8000
We don’t have a problem when google does it ?

~~~
goda90
You don't have to use a Google powered phone. But the modern economy almost
demands you have a cell phone.

------
arca_vorago
One of these days, most of you will finally understand just how right RMS was
and is...

It's just a shame so many can't see it, and worse, give those of us who do
shit.

~~~
noetic_techy
RMS = Richard Stallman?

~~~
reustle
Correct

------
ataturk
It's so strange--I never would have expected the boot of tyranny to come from
private corporations, but here we are. And what all this proves is that
technology is value-neutral and can wipe us all out, or just make us
incredibly miserable, if we let it.

Hopefully there will be a way to opt out. Otherwise, I should start selling
faraday bags for devices. Probably should anyways.

~~~
rectang
This tracking abomination is an emergent phenomenon of the merger of private
industry and government in the US. See for example both legalized bribery
(a.k.a. unlimited campaign contributions by corporations thanks to Citizens
United) and outright bribery (Cohen) by telecoms like AT&T, ensuring that they
will have the flexibility to perpetrate such garbage as this tracking data
sale.

Why not distrust _both_ government and industry? The rule "power corrupts"
holds in either case.

~~~
18pfsmt
Are you saying AT&T bribed Cohen in order to have the Justice Dept. sue AT&T
over its acquisition with Time Warner?

~~~
rectang
I'm saying AT&T bribed Cohen, which is what we have evidence for so far.
Perhaps there will be additional communiques exposed later which reveal
specific requests.

They did not get the outcome they wanted with the acquisition, but there was
also the matter of the administration wanting to punish CNN. Maybe AT&T should
have paid more.

But AT&T has still done remarkably well vis a vis the FCC's selective
deregulation of net neutrality, which makes it much easier for existing ISPs
to leverage their quasi-monopolies and compete unfairly within other
verticals.

The American system of legalized bribery needn't produce a bill of sale for
regulatory capture.

------
5064364100
Very much a tangent, but this song is the perfect soundtrack for privacy /
tracking articles like these:
[https://www.youtube.com/watch?v=8ttTf8N7Bwg](https://www.youtube.com/watch?v=8ttTf8N7Bwg)

 _" The Hymn Of Acxiom"

Somebody hears you. you know that. you know that. Somebody hears you. you know
that inside. Someone is learning the colors of all your moods, to (say just
the right thing and) show that you’re understood. Here you’re known.

Leave your life open. you don’t have. you don’t have. Leave your life open.
you don’t have to hide. Someone is gathering every crumb you drop, these
(mindless decisions and) moments you long forgot. Keep them all.

Let our formulas find your soul. We’ll divine your artesian source (in your
mind), Marshal feed and force (our machines will) To design you a perfect
love— Or (better still) a perfect lust. O how glorious, glorious: a brand new
need is born.

Now we possess you. you’ll own that. you’ll own that. Now we possess you.
you’ll own that in time. Now we will build you an endlessly upward world,
(reach in your pocket) embrace you for all you’re worth.

Is that wrong? Isn’t this what you want? Amen._

------
_o_
I think that Snowden comment fits here:

"Arguing that you don't care about the right to privacy because you have
nothing to hide is no different than saying you don't care about free speech
because you have nothing to say,"

------
swerveonem
How do I get into this business? PM me if you want to collaborate.

------
Spooky23
I’m shocked that anyone is shocked about this! Transportation departments have
been buying this data since the late 90s.

More creepy are the planning solutions for commercial development. You can buy
datasets that will tell you the average income of drivers on larger highways
in hourly buckets.

~~~
forgottenpass
We don't _all_ work in adtech, you know?

~~~
trophycase
And thank god for that...

------
Negative1
I've just started using Signal and was surprised by how good the call quality
is. For those that aren't aware, Signal calls are encrypted, so you
effectively give nothing to the cell carrier when you make a call through it
(except that you used some data).

~~~
goda90
Unless I misunderstood, this has nothing to do with what apps you use to
communicate. It has to do with connecting to the cellular network at all. I
think the only way around this would be to run airplane mode with wifi only,
and then taking lots of steps to keep your wifi use private too.

