United States of America: Issued FCC ruling following an investigation into T-Mobile for allegedly failing to protect its customers' location information

On 28 February 2020, the Federal Communications Commission (FCC) proposed a fine of over USD 91 million against T-Mobile for allegedly failing to protect customers' location information and for sharing it without consent. This decision enforces the data protection regulation under section 222 of the Communications Act, which mandates carriers to safeguard customer information and obtain explicit consent before disclosing or allowing access to this information. The FCC's investigation, initiated after reports of unauthorised disclosure of location information to a Missouri Sheriff via a location-finding service operated by Securus, determined that T-Mobile, along with other carriers, had sold access to customer location information to aggregators, who then resold it to third-party service providers without valid customer consent.