Wyden calls for FCC investigation into cell-phone tracking used by law enforcement
Democratic Sen. Ron Wyden has asked the Federal Communications Commission to investigate revelations that U.S. law enforcement officials have access to a tracking service that can geolocate almost any phone in the country.
The tracking service provided by Securus Technologies accesses location data from big wireless carriers like AT&T and Verizon to pinpoint phone users, and a former Missouri sheriff allegedly used the service to track other officers without court orders, the New York Times reported.
A spokesperson for Securus, a Texas-based provider of prison phone services, told The Times that the firm requires customers to submit legal evidence, such as an affidavit or warrant, that the surveillance is authorized. But in his letter to the FCC, Wyden said Securus employees confirmed to his office that the firm “takes no steps to verify” that those documents legally authorize surveillance.
The Oregon senator called Securus’s vetting process “nothing more than the legal equivalent of a pinky promise.”
“Federal law – enforced by the FCC – restricts how and when wireless carriers may share certain customer information, including location data,” Wyden wrote. He called for the FCC to investigate Securus, wireless carriers’ “failure to maintain exclusive control” over law enforcement access to customer data, and the carriers’ third-party data agreements.
An FCC spokesperson did not respond to CyberScoop’s request for comment on the letter.
Wyden also wrote to major wireless carriers asking them to investigate their privacy and security practices. In a letter to AT&T, the senator asked the telecoms giant to take “proactive steps to prevent the unrestricted disclosure and potential abuse of private customer data.”
The pervasiveness of mobile-phone location data, as well as a vulnerability in a protocol used by cellular networks to communicate, have long drawn concerns from cybersecurity experts. Last year, hackers were able to access bank accounts by exploiting vulnerabilities in the protocol, known as Signaling System No. 7., according to a German newspaper report.
You can read Wyden’s letters to the FCC and AT&T below:
[documentcloud url=”http://www.documentcloud.org/documents/4457973-Wyden-Securus-Location-Tracking-Letter-to-Fcc-6-3.html” responsive=true]
[documentcloud url=”http://www.documentcloud.org/documents/4457972-Wyden-Securus-Location-Tracking-Letter-to-Att-7-3.html” responsive=true]