SAN FRANCISCO — The Electronic Frontier Foundation (EFF) and Pierce Bainbridge Beck Price & Hecht LLP filed a class action lawsuit today on behalf of AT&T customers in California to stop the telecom giant and two data location aggregators from allowing numerous entities—including bounty hunters, car dealerships, landlords, and stalkers—to access wireless customers’ real-time locations without authorization.
An investigation by Motherboard earlier this year revealed that any cellphone user’s precise, real-time location could be bought for just $300. The report showed that carriers, including AT&T, were making this data available to hundreds of third parties without first verifying that users had authorized such access. AT&T not only failed to obtain its customers’ express consent, making matters worse, it created an active marketplace that trades on its customers’ real-time location data.
“AT&T and data aggregators have systematically violated the location privacy rights of tens of millions of AT&T customers,” said EFF Staff Attorney Aaron Mackey. “Consumers must stand up to protect their privacy and shut down this illegal market. That’s why we filed this lawsuit today.”
The lawsuit alleges AT&T violated the Federal Communications Act and engaged in deceptive practices under California’s unfair competition law, as AT&T deceived customers into believing that the company was protecting their location data. The suit also alleges that AT&T, LocationSmart, and Zumigo have violated California’s constitutional, statutory, and common law rights to privacy.
“The location data AT&T offered up for sale is extremely precise and can locate any of its wireless subscribers in real time, providing a window into the intimate details of their lives: where they go to the doctor, where they worship, where they live, and much more,” said Abbye Klamann Ognibene, an associate at Pierce Bainbridge.
“To sell this information without any notification to users is deceptive, extraordinarily invasive of their privacy, and illegal,” said Thomas D. Warren, a partner at Pierce Bainbridge.
The lawsuit, Scott, et al. v. AT&T Inc., et al., filed in the U.S. District Court of the Northern District of California, seeks money damages and an injunction against AT&T, as well as the involved location data aggregators, LocationSmart and Zumigo. The injunction would prohibit AT&T from selling customer location data and ensure that any location data already sold is returned to AT&T or destroyed.
For the complaint:
https://www.eff.org/document/scott-v-att-geolocation-complaint
For more information about the case:
https://www.eff.org/cases/geolocation-privacy
Source: EFF