The Federal Communications Commission (FCC) announced late last week that it is investigating reports that websites may have enabled the location of mobile phone customers to be tracked.
Reuters reported that the FCC referred news reports that broke earlier in the week to its enforcement bureau for investigation. Robert Xiao, a researcher at Carnegie Mellon, contends that the data from LocationSmart, a California technology firm, could have been used to track mobile customers of AT&T, Verizon Communications, Sprint and T-Mobile. He blamed it on a flaw in the software.
According to the report, the customers could be tracked as close as a few hundred yards of their locations without their knowledge. Those reports even prompted Oregon Democratic Senator Ron Wyden to call on the FCC to investigate the allegations. On Twitter, Wyden said: “A hacker could have used this site to know when you were in your house so they would know when to rob it. A predator could have tracked your child’s cell phone to know when they were alone.”
The Senator told Reuters he was glad the FCC would be investigating the matter. “I urge the FCC to expand the scope of this investigation, and to more broadly probe the practice of third parties buying real-time location data on Americans,” said Wyden.
Earlier this month, The New York Times reported that charges had been filed against a former sheriff in Mississippi County, Missouri who used Securus Technologies to track the mobile phones of police officers without getting a court order. Reports pointed to LocationSmart as the source of the data.
Most of the mobile phone carriers told Reuters they have launched inquiries into the matter and have taken steps to ensure that the location data is not accessible. Securus said the access to location-based services data has been disabled for now.
LocationSmart spokeswoman Brenda Schafer said on Friday that the flaw “has been resolved and the demo has been disabled.”