UPDATE: May. 8, 2024, 11:18 a.m. EST AT&T, Verizon, and T-Mobile responded with an email statement, telling Mashable that they plan to fight the FCC fine. They do not deny the FCC's findings, but they do believe they should not be held responsible for the information leak to third parties. More on this in our follow-up story here.

Original article: April 30, 2024, 4:07 p.m. EST:

What does AT&T, Verizon, Sprint, and T-Mobile all have in common?

Aside from being the four major mobile carriers in the U.S., these companies have also just been slapped with millions in fines from the FCC.

Why?

AT&T, Verizon, Sprint, and T-Mobile allegedly provided location data to third parties without their users' consent, which is illegal.

“Our communications providers have access to some of the most sensitive information about us," said FCC Chairwoman Jessica Rosenworcel in a statement. "These carriers failed to protect the information entrusted to them. Here, we are talking about some of the most sensitive data in their possession: customers’ real-time location information, revealing where they go and who they are.” 

FCC fines the biggest U.S. mobile carriers

According to the FCC, T-Mobile has been fined the largest amount: $80 million. Sprint, which has merged with T-Mobile since the FCC's investigation began, also received a $12 million fine.

AT&T will have to pay more than $57 million and Verizon will dole out close to $47 million.

In total, the four major mobile carriers in the U.S. will be paying out more than $200 million in fines for sharing sensitive customer data without their knowledge or permission.

What happened?

AT&T, Verizon, Sprint, and T-Mobile allegedly sold access to its own customers' location data to "aggregators." These aggregators then resold the access to other third-party, location-based service providers. 

"Each carrier attempted to offload its obligations to obtain customer consent onto downstream recipients of location information, which in many instances meant that no valid customer consent was obtained," the FCC said.

The FCC says these four carriers broke the law set in the Communications Act that requires these companies to protect confidential data, including location information.

The specific case that led the FCC to carry out its initial investigation is also laid out in the FCC's announcement and it's certainly alarming.

A Mississippi sheriff was trackingthe location of people through their cell phones via a prison communication service company called Securus. Securus was getting this location data through the four major wireless carriers.

This case perfectly shows the important role mobile carriers play in protecting our data – and the consequences when they fail to do so. Now, these companies will pay millions in fines, thanks to the FCC.