"I am writing to insist that AT&T take proactive steps to prevent the unrestricted disclosure and potential abuse of private customer data, including real-time location information, by at least one other company to the government," a May 8 letter sent from Wyden to the President and Chief Executive Officer of AT&T reads. [...]
In his letter to AT&T, which has similar text to letters sent to other carriers, Wyden writes that this check amounts of "nothing more than the legal equivalent of a pinky promise."
"The fact that Securus provides this service at all suggests that AT&T does not sufficiently control access to your customers' private information," the letter adds.
In Shocking Drop of Second Shoe:
Most of the users in the spreadsheet are from US government bodies, including sheriff departments, local counties, and city law enforcement. Impacted cities include Minneapolis, Phoenix, Indianapolis, and many others. The data also includes Securus staff members, as well as users with personal email addresses that aren't explicitly linked to a particular government department. [...]
"Location aggregators are -- from the point of view of adversarial intelligence agencies -- one of the juiciest hacking targets imaginable," Thomas Rid, a professor of strategic studies at Johns Hopkins University, told Motherboard in an online chat. [...]
"Track mobile devices even when GPS is turned off," the Securus website reads. "Call detail records providing call origination and call termination geo-location data," it adds.