October 22, 2019

October 21, 2019

Subscribe to Latest Legal News and Analysis

Tracking Your Every Move: Investigation Finds Telecom Giants Sold Customer GPS Data

Who can track your location through your smartphone? The phone companies have the ability to do so, and until recently, have been selling your location data to private companies so that bounty hunters and creditors could track you down anywhere on the continent.

An investigation by Motherboard, an online publication, found that approximately 250 bounty hunters and related businesses had access to customer location data from various telecommunications companies. Documents obtained in the investigation show that telecom companies sold data intended to be used by 911 operators and first responders to data aggregators, who sold it to companies like CerCareOne, who sold the information to bounty hunters. Some bounty hunters then resold the data to others unauthorized to handle it. This data was in some cases so accurate that it could pinpoint an individual’s exact location inside a building.

 CerCareOne, one company that was investigated, operated for at least five years until late 2017 and sold cell phone tower data as well as highly sensitive and accurate GPS data. GPS-enabled devices are offered by every major telecom carrier and are used to access rideshare services, maps, roadside assistance and 911 location services. CerCareOne’s data ultimately provided customers with a map interface of a device’s approximate location.

The investigation revealed that CerCareOne sometimes charged up to $1,100 per phone location and that some customers made around 18,000 individual phone location requests per year. The existence of CerCareOne was kept secret by requiring subscribers to keep the service confidential.

After Motherboard’s reporting, fifteen senators have called on the FCC and FTC to investigate how consumer location data ended up in the hands of bounty hunters. In a time when media and policy makers are paying more attention than ever to how location and other sensitive data is collected and sold, this investigation reveals the practical concerns of accessibility to mobile networks and the data they generate.

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.


About this Author

Theodore Claypoole, Intellectual Property Attorney, Womble Carlyle, private sector lawyer, data breach legal counsel, software development law
Senior Partner

As a Partner of the Firm’s Intellectual Property Practice Group, Ted leads the firm’s IP Transaction Team, as well as data breach incident response teams in the public and private sectors. Ted addressed information security risk management, and cross-border data transfer issue, including those involving the European Union and the Data Protection Safe Harbor. He also negotiates and prepares business process outsourcing, distribution, branding, software development, hosted application and electronic commerce agreements for all types of companies.


Whitney Kamerzel, Womble Dickinson Law Firm, Charlotte, Corporate and Litigation Law Attorney

Whitney Kamerzel is an associate in the firm’s Business Litigation practice group in the Charlotte office.  Her practice involves a variety of dispute resolution and general civil litigation matters.   

Prior to her current position, Whitney served as a volunteer lawyer in Phnom Penh, Cambodia.  In this role, Whitney worked on international human rights cases and instructed non-governmental organizations in Myanmar, Cambodia, and the Philippines on investment mapping exercises.  While attending the University of South Carolina, Whitney served as a Graduate Assistant and helped plan and implement JUSTRAC (Justice Sector Training, Research, and Coordination) programming to U.S. Federal Government officials and private sector personnel.  The trainings focused on rule of law, human rights, and justice sector reform in developing countries.