Early in January, Motherboard's Joseph Cox broke a blockbuster story about how America's mobile carriers sold access to their customers' realtime location data to many shady marketing brokers, who then quietly slipped that data to bounty hunters and other unsavory characters -- a practice that they'd been caught in before and had ">falsely promised to end.
Since then, things have only gotten worse, with revelations that the companies involved had lobbied for lax privacy rules, arguing that they could be trusted to police themselves; meanwhile, Trump's loathesome FCC Chairman Ajit Pai stonewalled Congress and America on his agency's actions on the practice.
Now Cox has another blockbuster: bounty hunters don't need to use back-channels to procure location information from data-brokers: they can skip the middlemen and simply call up your phone company and pretend to be a cop hoping to find someone who has gone missing, or been the victim of a crime, and the carriers often give them all the data they want, including fine-grained E-911 data that can locate you within a few feet, even indoors.
What's more, it's not just bounty hunters who use this trick: men with histories of spousal abuse, stalkers and other predators seeking to locate their prey make liberal use of it.
There are even professional cop-impersonators who offer location data as a service: pay them and they will call up a carrier and fraudulently obtain your target's location for you.
Thanks to the poor due-diligence at the carriers, this practice seems to be widespread.
The court records mention an email domain—”gafugitivetaskforce1.net”—which Edens used to convince T-Mobile he was a legitimate law enforcement official. In the audio recording, Edens says he also spoofed the area code of this phone number, likely to make T-Mobile believe he was calling from a different part of the country.
In one email from T-Mobile included in the court records, the telco responds to the fake law enforcement officer with a handy Google Maps link of the target’s approximate, real-time location.
With this technique, phone location data has ended up in the hands of people who may abuse it. Edens had a history of domestic violence, stalking, and harassment, according to court records. Specifically, in 2011 Edens was convicted of aggravated stalking and harassing phone calls; in 2006, he was convicted of battery after he caused visible bodily harm to his wife, by kicking her in the shin and grabbing her arms, according to court records.
According to court records from the US Marshals case, Edens impersonated a law enforcement officer in order to locate and repossess cars from people who were late on their payments. In one case, Edens headed to one woman’s home at “all hours of the night” and showed up at her work place, a document filed by government attorneys in the phone location case adds.
“In this case, Defendant not only used the location information to find the victims, but also to harass and threaten at least one victim,” the government filing adds.
Stalkers and Debt Collectors Impersonate Cops to Trick Big Telecom Into Giving Them Cell Phone Location Data [Joseph Cox/Motherboard]
(Image: Ali Express)