We'll Be on Our Best Behavior. Trust Us.
Sprint, AT&T and Verizon are looking at billions in new revenue by selling user location data (and anything else that isn't nailed down) to marketers, city planners, and everyone else. As such they're busily trying to derail what's essentially a rather feeble inquiry by the FCC
carriers fear could result in the government actually imposing privacy consumer protections. In a slate of new filings with the FCC, Sprint is arguing that because wireless operators are no longer really important gatekeepers (which of course isn't true), there's no need for the government to get involved in consumer privacy protections:
"Carriers are no longer the gatekeepers or sole enablers of the mobile experience. Many players have a role in a user's mobile experience, from platform providers to device manufacturers to application providers, as well as carriers."
It's a fairly thin argument to suggest there should be no privacy protections for users because everybody
along the food chain (from Verizon to Google, Apple, or third party vendors) is busy happily selling user data with absolutely no rules in place. All three of the biggest carriers continue to argue that companies should be allowed to "self-regulate" on this front. From an AT&T filing with the FCC:
A flexible privacy framework that relies on the development of voluntary codes of conduct with a first layer of self-enforcement by market-based accountability mechanisms, with the backstop of FTC oversight, can best take account of the role that each participant plays in the mobile marketplace."
We've all seen how well self-regulation works (see: banks), and in general such efforts tend to be show ponies designed to do just barely enough to prevent the creation of real rules, resulting in a downward cycle of repeat offenses and scandals (see: banks). For numerous years now companies like Verizon have argued that public shame will keep them honest
about privacy abuses, though the fact most of these transactions occur in secret (with consumers barely informed via nebulous fine print) results in most violations never coming to light. ISPs, for example, have sold user clickstream data for years without disclosure or consent
, with nobody batting an eyelash.
The fact remains that there's simply so much cross industry lobbying cash
aligned against consumer privacy protections for wireless that we'll likely never see any rules with teeth. Another "problem" is that if someone starts imposing restrictions on the sale of user location data to marketers, that could lead to somebody actually doing something about these carriers dumping data in the lap of intelligence agencies with little to no regard for the law
-- and we certainly wouldn't want that.