Sprint Provides U.S. Law Enforcement with Cell Phone Customer Location Data: Via Schneier on Security.

Wired summarizes research by Christopher Soghoian:

Sprint Nextel provided law enforcement agencies with customer location data more than 8 million times between September 2008 and October 2009, according to a company manager who disclosed the statistic at a non-public interception and wiretapping conference in October.

The manager also revealed the existence of a previously undisclosed web portal that Sprint provides law enforcement to conduct automated "pings" to track users. Through the website, authorized agents can type in a mobile phone number and obtain global positioning system (GPS) coordinates of the phone.

From Soghoian's blog: [ Read more ... ]

Soghoian: 8 Million Reasons for Real Surveillance Oversight: Via Freedom to Tinker.

If you're interested at all in surveillance policy, go and read Chris Soghoian's long and impassioned post today. Chris drops several bombshells into the debate, including an audio recording of a closed-door talk by Sprint/NexTel's Electronic Surveillance Manager, bragging about how easy the company has made it for law enforcement to get customers' location data -- so easy that the company has serviced over eight million law enforcement requests for customer location data.

Here's the juiciest quote: [ Read more ... ]

VoIP Watch: Customer Data Getting More Private? I think Not: "The way around this is too obvious. With Sprint/Nextel working with the cable companies on a new venture all they need to do is hire the MSO's telemarketing teams to call their customers and offer them the new service. Sprint can pay them a bounty. Sprint can pay the MSO's for an insert called a bill stuffer and Sprint can run TV spots on the cable networks. [ Read more ... ]

IP Democracy: "On April 2, the FCC released new rules designed to protect consumer privacy when it comes to information held by communications service providers (the Commission's order is 101 pages -- PDF here). Largely designed to prevent the practice of pretexting, whereby someone poses as a consumer to gain access to private information (think HP scandal), the rules have created quite a ruckus, with early reports predicting, perhaps erroneously, that the new regs would doom the cable industry's mobile voice consortium formed with Sprint-Nextel.

On the heels of the decision's release, the Wall Street Journal ran this piece which cites an unnamed Washington attorney who said one aspect of the rules would block cable companies from sharing their customer information with Sprint-Nextel. In its order, the FCC barred telecommunications companies from sharing customer data with 'joint venture partners or independent contractors' without first obtaining customer opt-in permission to do so. [ Read more ... ]