In a landmark decision, the U.S. District Court of Appeals for the District of Columbia unanimously upheld a $92 million fine imposed by the Federal Communications Commission (FCC) on T-Mobile and Sprint for illegally selling customer geolocation data to third parties. The ruling, issued on August 18, 2025, underscores the critical importance of protecting sensitive consumer information and reinforces the FCC’s authority to penalize telecom giants for failing to safeguard customer privacy according to a report form Cyberschoop.
The court’s decision stems from a 2018 investigation sparked by a New York Times report revealing that a Missouri sheriff had misused geolocation data sold by telecom carriers to track a judge and state law enforcement officers. This alarming breach prompted the FCC to probe the data-sharing practices of T-Mobile, Sprint, Verizon, and AT&T. The investigation uncovered that, until at least 2019, these companies sold access to real-time customer location data to data aggregators LocationSmart and Zumigo, which then distributed the information to numerous third-party entities, including location-based service providers.
Judge Florence Pan, who authored the opinion, emphasized that the FCC “correctly determined” that customer location data is protected under the Communications Act. The Act imposes a duty on telecom carriers to prevent misuse of such sensitive information by third parties. However, the court found that T-Mobile and Sprint failed to implement adequate safeguards, even after becoming aware of “serious abuses” by buyers. “The Carriers failed to promptly take such measures,” Pan wrote, highlighting their negligence in addressing known violations.
The FCC’s investigation revealed that the telecoms relied on contractual agreements with third parties to ensure compliance, effectively outsourcing their responsibility to protect customer data. Internal audits, however, exposed multiple instances where these third parties violated the agreements, yet the carriers took no significant action. This led to a combined $200 million fine across the four telecoms, with T-Mobile facing $92 million in penalties, largely due to its 2020 acquisition of Sprint.
In her ruling, Judge Pan expressed disbelief at T-Mobile and Sprint’s attempt to challenge the FCC’s findings without contesting the facts. “Neither denies what happened. Instead, they argue that the undisputed facts do not amount to a violation of the law,” she wrote, dismissing their legal arguments as meritless.
The ruling highlights the “highly sensitive nature” of geolocation data, which can enable real-time tracking of individuals due to the constant pinging of cell towers by mobile devices. As consumer privacy concerns grow, this decision marks a significant step in holding telecom providers accountable for protecting their customers’ personal information.
Please follow us on Facebook and X for more news, tips, and reviews. Need cord cutting tech support? Join our Cord Cutting Tech Support Facebook Group for help. You can find Luke on X HERE.