U.S. phone companies limit sharing of location data, while Canadian carriers insist they already do

CBC

Updated June 22, 2018 at 4:00 a.m.

After media reports showed how the location of cellphone users in the U.S. and Canada could be obtained without their consent, wireless carriers in the U.S. say they will scale back the location data-sharing relationships that allowed the privacy breaches to happen in the first place.

But in Canada, it's still business as usual — because the standard for sharing a person's location is already higher here than in the U.S., a joint data-sharing venture between the country's three major telecom companies insists.

Major U.S. carriers such as Verizon and AT&T made their subscribers' location available through a third-party aggregator called LocationSmart, which in turn sold access to the data to other companies for purposes such as fraud prevention and marketing.

In Canada, Rogers, Telus and Bell operate a similar aggregator themselves, a joint venture called EnStream. It charges approved third-party companies a fee to look up a users' location at a given moment — and only with their explicit consent.

"It's a governance issue," explained Robert Blumenthal, EnStream's chief identity officer. He said that because EnStream is jointly owned and operated by the telecom companies, they can more tightly monitor and control who is requesting access to their subscribers' location than telecom companies could in the U.S.

And unlike the U.S., Blumenthal said EnStream already bars law enforcement and marketing uses.

'Someone can just lie'

Still, both EnStream and U.S. brokers like LocationSmart are similar in one significant way: Their relationships with third-party companies are largely built on the trust that any access to location data won't be abused.

"You're relying on somebody, somewhere — whether that's in the telecom, or the broker provider in the application — to record that signal [of consent] correctly and relay it to the telecom system," said Sarah Jamie Lewis, previously a telecommunications security analyst for the U.K. government intelligence agency GCHQ, and now the executive director of Vancouver-based non-profit OpenPrivacy. "And that model can always be broken, because someone can just lie."

This is precisely what happened in the U.S. The New York Times reported last month that a former U.S. sheriff was able to use a service called Securus to track the location of U.S. cellphones by falsely claiming he had the authority to do so. The location data was ultimately provided by LocationSmart.

Shortly after, a Carnegie Mellon University security researcher discovered a flaw in the LocationSmart website could also allow someone to look up the location of cellphone users in both the U.S. and Canada without their consent.

In the aftermath, Verizon, AT&T, Sprint and T-Mobile said they would wind down their existing agreements with LocationSmart and companies like it. Like EnStream, it's possible they could choose to handle future access to location data themselves.

EnStream counts LocationSmart as a partner, but Blumenthal would not say whether his company would follow the lead of U.S. wireless carriers and end their current relationship with LocationSmart, too.

"We are exploring all options related to LocationSmart and others," said Blumenthal, whose company also counts another U.S. broker, Zumigo, as a partner. "It would be premature for me to comment any further at this time."

A 'weak model of consent'

Wireless carriers in both Canada and the U.S. have said that the location data they provide — which differs from the location data used in apps like Uber or Google Maps — can be used for beneficial purposes, such as emergency assistance, fraud prevention and tracking delivery vehicles. They stress that location data will only be shared if users opt in.

But as the New York Times has reported, safeguards designed to ensure that consent had actually been given still did not prevent Securus' access to location data from being abused.

Ideally, users would be the only ones with control over who could access their location, said Jamie Lewis. Instead, telecom companies offer users what she calls a "weak model of consent" — where users have to trust that EnStream and all of its partners, who also control access to their location, will always respect their decision to share their location or not.

"Any system that has an element of trust built into it, that trust can always be violated by someone," Jamie Lewis said.

Blumenthal said there are measures in place to ensure that trust isn't abused. He said that Canadian privacy laws are stricter than in the U.S., and prevent location data accessed for one purpose to be used for another. And he said that by carefully vetting their customers, they hope to spot companies like Securus before abuse occurs.

"We have a direct line of sight to who the customer is, even though it might go through a third party" like LocationSmart, Blumenthal said. He said that if a cellphone user ever complained their location had been shared without their consent, EnStream would be able to trace the request back to see if consent was improperly obtained.

The move by U.S. carriers to more strictly limit access to their customers' location data was spurred by inquiries from U.S. Senator Ron Wyden, whose office has spent recent months investigating privacy and security issues with cellular networks.

However, none of the major U.S. carriers say they will stop selling access to their subscribers' location data outright, according to the Associated Press. Verizon, for example, said "beneficial services" such as roadside assistance would continue — which puts them more in line with what EnStream currently offers in Canada.

CNN
Secret Service says agent on Harris’ detail was removed from assignment after distressing behavior
A Secret Service agent assigned to Vice President Kamala Harris’ detail was removed from their assignment after displaying behavior that colleagues found “distressing,” the agency said.
41 minutes ago
People
“Call Her Daddy'”s Alex Cooper Models Her Wedding Night Lingerie in Instagram Reveal: See the Racy Look
Cooper wore a sexy lacy bodysuit from SKIMS' Wedding Shop collection after marrying Matt Kaplan in Mexico
a day ago
Cosmo
Sabrina Carpenter looks practically naked in completely see-through lace mini dress
Sabrina Carpenter went braless wearing the Mirror Palais Anemone Dress in butter featuring illusion tulle adorned with lace appliqués along the neckline and hem
16 hours ago
Reuters
Trump's three US Supreme Court appointees thrash out immunity claim
When the U.S. Supreme Court ultimately rules on Donald Trump's claim of presidential immunity from prosecution, a third of those deciding the matter will be justices he appointed to their lifetime posts. Those three - Amy Coney Barrett, Brett Kavanaugh and Neil Gorsuch - posed questions from various angles as the nation's top judicial body heard arguments on Thursday in a case that provides a vital test of the power of the presidency. A key question, Gorsuch said, is "how to segregate private from official conduct that may or may not enjoy some immunity."
6 hours ago
The Daily Beast
Judge Upholds Trump’s $83 Million Defamation Verdict
Reuters/Brendan McDermidA federal judge in New York upheld a defamation verdict against Donald Trump, keeping him on the hook for the $83 million he owes E. Jean Carroll, the writer who accused him of sexual assault.Trump had motioned to receive a new trial, but Judge Lewis Kaplan rebuffed that effort, determining nothing was wrong with the first one that ruled against him.The decision affirms that Carroll suffered harm from Trump publicly railing against her in 2019, as she went public with her
7 hours ago
CBC
Makeshift slaughterhouse in a residential garage points to growing concerns about illicit meat sales
Inside a garage in an established Edmonton neighbourhood, animals were being slaughtered and the meat was advertised for sale to consumers, a CBC News investigation has learned.Police entered the rented garage in the quiet residential Woodcroft community in February 2023. Images shared with CBC News show piles of goat carcasses, tubs of blood and the remains of a skinned baby goat on a makeshift slaughter table.Neighbour John Bos told CBC News that the sounds of bleating goats first alerted him
9 hours ago
BANG Showbiz
'I'm not a millionaire anymore': Charlotte Church's fortune has gone
She was worth £25 million by the time she was 11 years old but Charlotte Church has revealed her fortune has gone.
2 days ago
InStyle
Prince Edward and Duchess Sophie Feel Disappointed by King Charles Royal Title "Snub"
The "chosen ones" are reportedly sad they didn't get new roles after Prince William and Kate Middleton's latest appointments.
14 hours ago
CBC
Police identify man who plunged to his death from balcony
Toronto police have identified a man who plunged to his death from an eighth-floor balcony downtown late Wednesday in the city's latest homicide.Ryan Williams, 38, of Toronto, fell from a balcony just before midnight at a highrise in the area of Church and Shuter streets, police said in a news release on Thursday.Paramedics say they transported a man to a trauma centre. He was pronounced dead in hospital, according to police.Williams is the city's 24th homicide victim of the year.Police have sai
12 hours ago
People
All About Okla. Family Murder-Suicide, Where Dad Killed Wife, 3 Sons Before the Last Surviving Child Called 911
Jonathon Candy, 42, fatally shot his wife, Lindsay Candy, 39, and three of their four children, ages 18, 14, and 12, on April 22, before dying by suicide
10 hours ago
Hello!
Princess Charlotte's secret hidden talent revealed by mum Princess Kate
Princess Charlotte will be celebrating her 9th birthday next week, and she has a cool hidden talent! Her mum Kate Middleton recently opened up about her hobby...
17 hours ago
Sacramento Bee
Ex-teacher had sex with her student on his 8th-grade graduation, California prosecutors say
The former Butte County teacher pleaded no contest Monday to the charges.
a day ago
HuffPost
Lara Trump Alarms Critics With 'Frightening' Comment About RNC's Election Plans
"Sounds like a perfect authoritarian election plan to me," fascism expert Ruth Ben-Ghiat commented.
a day ago
INSIDER
Where Reena Virk's killers are now almost 30 years on from her murder that inspired 'Under the Bridge'
Hulu's "Under the Bridge" tells the story of the 1997 murder of Canadian teen Reena Virk. Here's where her killers, Warren Glowatski and Kelly Ellard, are now.
2 days ago
Yahoo Canada Style
Montréal Canadiens captain Nick Suzuki announces engagement to Caitlin Fitzgerald in heartwarming Instagram post
The 24-year-old London, Ont. natives connected through social media in 2016.
12 hours ago
The Daily Beast
Wanda Sykes Rips Trump’s Courtroom Farting
ABC/Randy HolmesLike hundreds of thousands of other rapt viewers, comedian Wanda Sykes is getting a lot of mileage out of the Manhattan criminal trial of Donald Trump, the first-ever criminal trial of a former U.S. president. Trump has pleaded not guilty to 34 counts of falsifying business records connected to his sexual relationship with adult film star Stormy Daniels. Podcaster Ben Meiselas insisted this week that Trump, present this week in-person for the beginning of the trial, had suffered
a day ago
The Independent
Dramatic video shows Boeing plane bounce off LAX runway
Lufthansa admitted that their Tuesday flight to LAX had a bit of a ‘rough landing’ when it touched down
10 hours ago
InStyle
Prince Harry Was "In Tears" Over His Frogmore Cottage Eviction
The Duke of Sussex felt that "it was purely vindictive."
6 hours ago
People
Billie Eilish on Coming to Terms with Her Sexuality Last Year — and Why She Never Planned to Talk About It
"I've been in love with girls for my whole life, but I just didn’t understand — until, last year, I realized I wanted my face in a vagina," she said
a day ago
HuffPost
Biden Hits Trump With Biblical Burn Over His Latest Shady Business Scheme
The audience laughed out loud as Biden mocked Trump's most recent venture.
2 days ago

Latest Stories