New report offers more info on T-Mobile, AT&T, and Sprint customer location data being sold to bounty hunters

cercareone-location-data

Remember that story that came out last month about T-Mobile, AT&T, and Sprint customer location data being bought by bounty hunters? Turns out that the issue may have been bigger than originally thought.

A new report has shed more light on the situation involving the location data of major U.S. carriers being sold and trickling down to bounty hunters, including some people who accessed this data thousands of times. Motherboard explains that around 250 bounty hunters and related businesses had access to location data of T-Mobile, AT&T, and Sprint customers, with one bail bond firm using the phone location service more than 18,000 times, while another bounty hunter made more than 1,000 phone location requests in a year of use.

The report includes info on a company called CerCareOne, which sold cellphone tower data and assisted GPS (A-GPS) data, which is typically used to locate cellphones that dial 911. CerCareOne operated between at least 2012 and late 2017 and was largely kept secret because its terms of use required customers to keep quiet about its existence. The company would charge up to $1,100 for a phone’s location, which would gather data from cell towers and give the phone’s approximate location on a Google Maps-like interface.

A couple of bail agents were interviewed for this report and defended their use of wireless customer location data. ““This type [of] information is solely used for and extremely beneficial in locating and tracking wanted fugitives who have jumped bond and are also wanted by law enforcement for absconding from justice,” said Charles Rhea Shaw III from Georgia. Both he and another bail agent say they had permission from their clients in their bail recovery contracts to use location services.

This user location data originated from T-Mobile, AT&T, and Sprint, who sold it to location aggregators like Locaid, which was eventually bought by LocationSmart, a company involved in a location data scandal of its own in 2018. Locaid and LocationSmart then sold data access to other companies, including CerCareOne, which then sold that access to its own customers.

When asked if it’s sold A-GPS data, T-Mobile said to Motherboard, “We don’t have anything further to add at this stage.” T-Mo did provide a new statement based on the information in today’s report, instead pointing to the statement it gave last month in which it said that it’s completely ending location aggregator work.

This whole matter is unsettling, especially with this latest info regarding A-GPS data and how accurate those details can be. “Oftentimes A-GPS provides location information about where someone is inside a building,” said Laura Moy, executive director at the Center on Privacy & Technology at Georgetown University Law Center. T-Mobile has said that it’s ending all location aggregator work in March. In the mean time, you can get a lot more info on this whole situation by reading the full report at the link below.

Source: Motherboard

Tags: , , , , , ,

  • riverhorse

    Bad boys, bad boys….
    whatcha gonna do when they come for you?

    • JG

      whatcha gonna do when they come for you?

      Leave my cell phone at home, or maybe casually drop it into the back of a truck heading in the opposite direction I am…

      And don’t forget to lose the fitness tracking devices (FitBit etc), and any other GPS and/or internet enabled devices…. Get as much cash from an ATM as possible before you officially disappear then lose the credit cards…. Don’t log into any of your online accounts (even from public terminals)….

  • JG

    ““This type [of] information is solely used for and extremely beneficial in locating and tracking wanted fugitives who have jumped bond and are also wanted by law enforcement for absconding from justice,” said Charles Rhea Shaw III from Georgia

    No… It’s not solely being used to track wanted fugitives who’ve jumped bail and are wanted by law enforcement….

    The last article was about a P.I. charging $300 to find a lost phone… Find one with questionable enough morals, and I’m sure an abusive husband could equally use it to track down his “escaping” wife… Or a pedophile to track down their next child victim… Or any other number of potentially sketchy, non-catching fugitives ussages…

    • Exactly, unless someone has a warrant they should not have access to anyones location data. I can’t believe the carriers would sell this data, I mean they already sell our browsing and phone habits, WTF man! Why isn’t this illegal? If I tried to steal someone location it would be illegal but if the actual company does it, it’s not?