Hello. It looks like you�re using an ad blocker that may prevent our website from working properly. To receive the best Tortoise experience possible, please make sure any blockers are switched off and refresh the page.

If you have any questions or need help, let us know at memberhelp@tortoisemedia.com

Captured data and mobile carriers

Captured data and mobile carriers

Major mobile phone carriers harvest user data, retain it and provide it to brokers as well as the police

Here’s what you need to know this week:

  • Affairs of state: Captured data and mobile carriers – are we overlooking cellular surveillance?


  • Google’s YouTube lost a prominent executive
  • Apple faced demands from Australian regulators
  • Microsoft conceded on preferencing Azure Cloud
  • Amazon’s The Rings of Power is a costly gambit
  • Meta pushed failing NFT integration
  • Tencent’s gaming device disappointed

Affairs of state: Captured data and mobile carriers

While many readers will think of suspect apps, hacked devices and shady websites as proprietors of personal data, new analysis has shown that consumers cannot opt-out of having their data collected by many of the largest mobile phone carriers in the world. 

Ten of the fifteen largest providers gather geolocation data from their customers, a study published by the Federal Communications Commission (FCC) has found.

The mobile phone carrier responses – from AT&T, Best Buy Health, Charter, Comcast, Consumer Cellular, C-Spire, DISH Network, Google Fi, H2O Wireless, Lycamobile, Mint Mobile, Red Pocket, T-Mobile, U.S. Cellular and Verizon – also show that they collect and retain data for up to five years, and only seven explicitly say that the data they hold is protected by encryption.

Why does this matter? Geolocation data can be used to give a detailed picture of a person’s activities, including where they live, shop, work, as well as the medical providers they visit. It can provide very specific insights into an individual person’s life. From this data, a range of inferences can also be made, allowing companies and other entities to predict consumer behaviour with increasing accuracy. Both can lead to the invasion of privacy, and the violation of human rights. 

What data do carriers hold? Typically, carriers hold location data that shows a device moving between or throughout a network. This may also include a record of calls, messages, data usage, device IDs, mobile country codes and IP addresses. The short answer, therefore, is a lot.

Are the carriers legally obliged to retain data? In order to comply with local law enforcement requirements, the carriers must keep the data for a certain amount of time, and be able to provide it to investigators if they receive a lawful request for access. Google Fi, one of the providers that responded to the data probe by the FCC, claims to have “a robust process for evaluating legal demands for user data”, but the reality is that the request and response process is not transparent. Concerns over the use of geolocation data in America are mounting as many people seeking abortions after the overturning of Roe vs Wade, fear arrest on the basis of data tracking.

What about the brokers? The FCC, back in 2020, proposed $200 million in fines for mobile phone carriers for selling geolocation data to bail bond companies and other third parties. “This kind of third party market in your data is really secretive,” Doug Leith, a professor of Computer Systems at Trinity College Dublin, told me. “We need clarity on why data is being collected, because without knowing the specific purpose you cannot have a final view on whether it is necessary, reasonable and proportionate collection.” The Federal Trade Commission has launched a lawsuit against one data-broker, Kochava, for transacting huge amounts of geolocation data that could allow for extremely specific targeting of individuals with “stalking, discrimination, job loss, and even physical violence.”

In the US, Congress is on the verge of passing a bill to boost data protections, the American Data Privacy and Protection Act. The legislation has drawn lobbying efforts out of major data brokers, who hope to defeat it – and have spent 11 per cent more on lobbying compared to this time last year. Brokers rely on unregulated data flows to survey users and resell their data. 

Why this story? The tech states have been harvesting data from their users, mining that data and selling it on to brokers to drive the revenues that have made them so large and profitable. In many cases, prior to the implementation of major privacy laws like General Data Protection Regulation (GDPR), large bodies of data were gathered en masse and shared continuously without proper consent. The FTC’s case against Kochava is a potential watershed after which data brokers will be forced to implement safeguards, especially as it precedes major legislation intended to curb the unregulated flow of personal data between third parties, whether the source is a website, an app or a mobile phone carrier.

Google: Kyncl out

The executive who helped YouTube woo Hollywood is leaving the company. Robert Kyncl, YouTube’s chief business officer, was central to its video streaming strategy, coming over from Netflix Inc. in 2010 to build YouTube’s relationship with legacy media executives like Bob Iger, the former CEO of Disney, and an industry that hadn’t embraced direct-to-consumer streaming. YouTube’s CEO, Susan Wojcicki, said in a memo that Kyncl was “leaving to start to next chapter in his career” and had overseen the boom in the creator economy which saw “more than $30bn [paid] to creators, artists and media companies in the last three years.” He also spearheaded YouTube’s Original Shows project which quickly faltered over extremist videos and other scandals. 

Also worth reading: Trump’s Truth Social app is still unavailable on the Google Play Store amid concerns over content moderation – this ousts 44 per cent of the US smartphone market from using the platform.

Apple: Australian measures

Australian regulators have demanded that Apple, Meta Platforms and Microsoft share details of their strategies for tackling child abuse material. The e-Safety Commissioner will fine platforms $383,000USD per day for failure to disclose the measures they have taken to identify and remove illegal material. The demands rely on legislation set out under the Australian government’s Online Safety Act, which it passed in 2021. The UK has upcoming regulation – the Online Safety Bill – that would affect platforms in a similar way, forcing them to disclose more about their practices when it comes to tackling harm online, as will the EU’s Digital Services Act. The tech states are getting a glimpse of the future from the Australian market. 

Microsoft: Cloud provider competition

Microsoft has been making it hard for users to run its software on other cloud platforms. Self-preferencing – which involves giving unfair privileges, support or access to your own products or services within a technological ecosystem, while disadvantaging competitors – has been common practice in the world of technology platforms and is a growing focus for antitrust regulators. In response to a three year-old complaint, Microsoft has been forced to fix unfair terms in its licensing agreements affecting the EU. Microsoft has announced that it will reduce the cost to customers of running its software – including Windows, Windows Office and SQL Server – on cloud platforms owned by competitors to Microsoft Azure. The practice is presumably ongoing in other markets. 

Amazon: The Rings of Power

Amazon’s The Rings of Power has reportedly cost $715 million, making it the single most expensive television production in history. The show, which premiers on Friday, has drawn criticism from fans of J.R.R Tolkien’s universe for adopting a “woke” agenda, and centring on characters who do not feature prominently – or at all – in Tolkein’s original writing. Over 20 years ago, Peter Jackson’s franchise, The Lord of the Rings, featured no people of colour in major roles, and only one line in over 9 hours of footage where a named female character speaks directly to another named female character. The canonical background for the show, Tolkien’s The Silmarillion, has been adapted to represent the metropolises in which the record-breaking show will be watched, and anyone angry about the racial purity of Tolkien’s world – which is peopled by trolls, dragons, orcs and demigods as well a humans – can simply decide not to watch. 

Meta: Digital wallet usage

Instagram is forging ahead with NFT integration, as the market goes ice cold. The volume of sales on OpenSea, a major non-fungible token (NFT) marketplace, has plummeted by 99 per cent since May as interest in the space has waned, The Verge has reported. Meta has been testing various forms of NFT-related functionality this year, including allowing users to add their collectibles as profile photos and link their digital wallets to their account. The appetite for trading NFTs has clearly died off, and the space is rife with scams and fraud, which makes Meta’s pursuit of integration more and more puzzling. One hope is that NFTs will give users a way of commodifying digital assets in the “metaverse”, a key part of Meta’s vision. The problem is that the technology isn’t genuinely useful, the underlying cryptocurrencies are unethical and the average consumer doesn’t understand or see any value in the system.

Tencent: Device dissapointment

Tencent’s new handheld games console is attracting negative attention. Leaked images of the device which Tencent is creating in collaboration with Logitech – dubbed Logitech G Gaming Handheld – have been making the rounds on social media. Customers hoping for a revolutionary design, and a new take on the possibilities of handheld gaming consoles, have been disappointed by an image of a device with the same fundamental layout as Nintendo’s Switch Lite, and Valve’s Steam Deck. Perhaps the architecture of a handheld gaming device can only evolve so far while the average user has four fingers and a thumb.

Thanks for reading,

Luke Gbedemah