PogoWasRight.org

Menu
  • About
  • Privacy
Menu

EFF Sues AT&T, Data Aggregators For Giving Bounty Hunters and Other Third Parties Access to Customers’ Real-Time Locations

Posted on July 16, 2019June 24, 2025 by Dissent

SAN FRANCISCO — The Electronic Frontier Foundation (EFF) and Pierce Bainbridge Beck Price & Hecht LLP filed a class action lawsuit today on behalf of AT&T customers in California to stop the telecom giant and two data location aggregators from allowing numerous entities—including bounty hunters, car dealerships, landlords, and stalkers—to access wireless customers’ real-time locations without authorization.

An investigation by Motherboard earlier this year revealed that any cellphone user’s precise, real-time location could be bought for just $300. The report showed that carriers, including AT&T, were making this data available to hundreds of third parties without first verifying that users had authorized such access. AT&T not only failed to obtain its customers’ express consent, making matters worse, it created an active marketplace that trades on its customers’ real-time location data.

“AT&T and data aggregators have systematically violated the location privacy rights of tens of millions of AT&T customers,” said EFF Staff Attorney Aaron Mackey. “Consumers must stand up to protect their privacy and shut down this illegal market. That’s why we filed this lawsuit today.”

The lawsuit alleges AT&T violated the Federal Communications Act and engaged in deceptive practices under California’s unfair competition law, as AT&T deceived customers into believing that the company was protecting their location data. The suit also alleges that AT&T, LocationSmart, and Zumigo have violated California’s constitutional, statutory, and common law rights to privacy.

“The location data AT&T offered up for sale is extremely precise and can locate any of its wireless subscribers in real time, providing a window into the intimate details of their lives: where they go to the doctor, where they worship, where they live, and much more,” said Abbye Klamann Ognibene, an associate at Pierce Bainbridge.

“To sell this information without any notification to users is deceptive, extraordinarily invasive of their privacy, and illegal,” said Thomas D. Warren, a partner at Pierce Bainbridge.

The lawsuit, Scott, et al. v. AT&T Inc., et al., filed in the U.S. District Court of the Northern District of California, seeks money damages and an injunction against AT&T, as well as the involved location data aggregators, LocationSmart and Zumigo. The injunction would prohibit AT&T from selling customer location data and ensure that any location data already sold is returned to AT&T or destroyed.

For the complaint:
https://www.eff.org/document/scott-v-att-geolocation-complaint

For more information about the case:
https://www.eff.org/cases/geolocation-privacy

Source: EFF

Related posts:

  • Is EFF defending corporations from people whose lives have been RUINED, like attorney Carrie Goldberg claims? Part 2 (EFF’s Response)
  • How the Federal Government Buys Our Cell Phone Location Data
  • There’s a Multibillion-Dollar Market for Your Phone’s Location Data
Category: BreachesBusinessCourt

Post navigation

← City Halls Use Facial Recognition To Blacklist And Ban Residents
FBI Wants To Ramp Up Social Media Surveillance →

Now more than ever

Search

Contact Me

Email: info@pogowasright.org

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

Categories

Recent Posts

  • White House ordered to restore Medicaid funding to Planned Parenthood clinics
  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance
  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard

RSS Recent Posts on DataBreaches.net

  • Minnesota National Guard deployed; St. Paul declares state of emergency in response to cyberattack
  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
©2025 PogoWasRight.org. All rights reserved.
Menu
  • About
  • Privacy