In May, the New York Times reported on a private company that purchased bulk user location data from US cellular carriers and then re-sold individual location data to law enforcement in a blatant violation of customer privacy and legal due process:
The service can find the whereabouts of almost any cellphone in the country within seconds. It does this by going through a system typically used by marketers and other companies to get location data from major cellphone carriers, including AT&T, Sprint, T-Mobile and Verizon, documents show.
US Sen. Ron Wyden (D-Ore.) took action the next day, calling on carriers to discontinue selling subscriber data to so-called “location aggregators”. So far AT&T, Verizon, Sprint, and T-Mobile have responded, issuing statements of intent to cut ties with location middlemen. Whether they will continue to share subscriber location data without explicit and affirmative consent remains to be seen. Congressional Republicans show no interest in preventing them:
“Chairman Pai’s total abandonment of his responsibility to protect Americans’ security shows that he can’t be trusted to oversee an investigation into the shady companies that he used to represent,” Wyden said. “If your location information falls into the wrong hands, you—or your children—can be vulnerable to predators, thieves, and a whole host of people who would use that knowledge to malicious ends.”
FCC Chairman Ajit Pai represented Securus in 2012. More information from ArsTechnica, who report that Obama-era regulations were blocked by Congress that would have prevented this kind of behavior.