In Seattle for the World Cup? Get connected in 5 minutes →
Your Phone Carrier Has Been Selling Your Location Data — The Supreme Court Just Confirmed It

June 7, 2026

Your Phone Carrier Has Been Selling Your Location Data — The Supreme Court Just Confirmed It

The Supreme Court upheld $200M in FCC fines against Verizon, AT&T, and T-Mobile for selling customer location data. Here's what it means and how to protect yourself.

On June 4, 2026, the Supreme Court of the United States ruled in favor of the FCC in a case that every wireless customer in this country should know about. The Court upheld nearly $200 million in fines against the four largest carriers in the US — AT&T, T-Mobile, Verizon, and Sprint — for selling their customers’ real-time location data to third parties without consent.

This wasn’t a hypothetical privacy violation. It wasn’t a data breach caused by hackers. The carriers deliberately packaged their customers’ precise, real-time location information and sold it to data brokers, who then resold it to bounty hunters, advertisers, landlords, and anyone else willing to pay. Your carrier knew where you were at every moment of every day, and they turned that knowledge into a revenue stream.

The Supreme Court’s decision brings a years-long fight to a close. And while the fines are significant in dollar terms, they represent a fraction of the revenue these companies generated from selling the data in the first place. Here’s what happened, what it means for you, and what you can actually do about it.

What the Carriers Did

Starting in the mid-2010s, all four major US carriers — AT&T, T-Mobile, Verizon, and Sprint (now merged with T-Mobile) — sold access to their customers’ real-time location data through intermediary companies called location aggregators. These aggregators, including companies like LocationSmart and Zumigo, acted as middlemen. They purchased bulk access to carrier location data and then resold it to hundreds of downstream buyers.

The data was not anonymized. It was not aggregated into general trends. It was specific, real-time location information tied to individual phone numbers. If someone had your phone number and access to one of these services, they could track your movements with accuracy down to a few hundred meters, updated in near real-time.

This wasn’t a secret within the industry. It was a known product. Law enforcement agencies used it without warrants. Bail bond companies and bounty hunters used it to locate people. A 2018 investigation by Motherboard demonstrated that a reporter could pay a bounty hunter $300 to locate any phone in the US within minutes using this exact system. The data was available to essentially anyone willing to work through the chain of intermediaries.

Person looking concerned at smartphone in dimly lit coffee shop

The carriers had privacy policies. Those policies said they would protect customer data. The carriers violated their own policies and, more importantly, violated FCC regulations that require carriers to protect the confidentiality of customer proprietary network information, known as CPNI. Location data falls squarely within the definition of CPNI.

The Fines

The FCC issued its proposed fines in 2020 and finalized them in 2024. The carriers immediately challenged the fines in federal court, arguing procedural issues and questioning the FCC’s authority. Those challenges failed at the appellate level, and the Supreme Court’s ruling on June 4 was the final word.

Here’s what each carrier owes:

CarrierFine
T-Mobile$80,000,000
AT&T$57,000,000
Verizon$47,000,000
Sprint$12,000,000
Total$196,000,000

Those numbers look large. They are not, relative to the companies paying them. AT&T’s annual revenue in 2025 was approximately $122 billion. A $57 million fine represents about 0.047% of their annual revenue. For context, that’s the equivalent of a person earning $60,000 per year being fined $28. T-Mobile’s $80 million fine against their roughly $80 billion in annual revenue works out to 0.1%.

The fines are a cost of doing business. They are not a deterrent. The carriers made money selling this data for years before getting caught, fought the penalties for years after, and the final bill is a rounding error on their balance sheets.

That said, the ruling matters. It establishes clearly that the FCC has the authority to enforce CPNI rules, that location data is protected information, and that carriers cannot sell it without explicit customer consent. Future violations could face steeper penalties, and the legal precedent makes it harder for carriers to argue ignorance or procedural technicalities.

What Data Was Sold and Who Bought It

The data was real-time cell tower triangulation and GPS-derived location information. Every time your phone connects to a cell tower, your carrier knows where you are. With multiple tower connections and GPS, that location becomes precise.

The carriers were selling where you go (home, work, doctor’s office, the bar on Friday night), when you go there (timestamped to the minute), and how often (patterns over weeks and months). This wasn’t anonymized or aggregated. It was tied to individual phone numbers.

The buyers included:

  • Bounty hunters and bail bond companies tracking down individuals
  • Debt collectors locating people who owed money
  • Stalkers and abusers who paid intermediaries to locate their victims (multiple documented cases)
  • Advertisers building behavioral profiles from location patterns
  • Data brokers combining location data with other personal information for resale
  • Law enforcement agencies using commercial data to bypass the warrant requirements established by the Supreme Court’s own 2018 Carpenter v. United States decision

That last point is worth pausing on. In Carpenter, the Court ruled that accessing cell-site location data requires a warrant. Law enforcement responded by simply purchasing the same data commercially. The carriers made that possible.

Cell tower rising above evergreen trees against cloudy Pacific Northwest sky

What This Means for You Right Now

If you’ve been a customer of AT&T, T-Mobile, Verizon, or Sprint at any point during the period when this data was being sold (roughly 2012 through 2019, when the carriers began shutting down their location aggregation programs under public pressure), your location data was likely available for purchase.

There is no opt-out that would have prevented this. The carriers did not ask permission. They did not offer a choice. They sold the data as part of their business operations and buried the relevant disclosures in privacy policies that no reasonable person reads in full.

The FCC fines are paid to the US Treasury, not to affected customers. You will not receive a check. There may be class action lawsuits that result in settlements, but those typically pay out small amounts per person after attorneys’ fees.

The practical takeaway is this: your carrier has demonstrated, through documented behavior upheld by the Supreme Court, that it is willing to monetize your most sensitive personal data without your knowledge or consent. The question is not whether they did it. The Court just confirmed they did. The question is what you do with that information.

How to Protect Your Privacy Going Forward

The ruling addresses past behavior, but it doesn’t guarantee future privacy. Carriers still collect your location data — they have to in order to route calls and manage network traffic. The question is what they do with it beyond providing you service.

Here are concrete steps you can take.

1. Check Your Carrier’s Privacy Settings

Every major carrier has privacy opt-outs buried in their app or account settings. On T-Mobile, look for “Custom Experience” programs. On AT&T, look for “Relevant Advertising.” On Verizon, look for “Custom Experience Plus.” Opt out of all of them. These settings won’t prevent all data collection, but they limit how your data is used for advertising.

2. Use a VPN

A VPN encrypts your internet traffic, preventing your carrier from seeing which websites and apps you use. It doesn’t stop cell tower-based location tracking, but it significantly reduces the behavioral data your carrier collects.

Your Carrier Sold Your Location Data

This is where your choice of carrier matters. T-Mobile charges $5 per month for their VPN add-on. Verizon includes it only on premium plans. World Mobile includes a built-in VPN on every plan, including the $15 per month Starter tier. When privacy tools are included by default instead of sold as extras, it reflects a fundamentally different approach to customer data.

3. Minimize App Permissions

Review which apps have “always on” location access and downgrade them to “while using” or “never.” This doesn’t affect carrier-level tracking, but it reduces the overall volume of location data your device generates.

4. Switch to a Privacy-Respecting Carrier

This is the most direct action available. The carriers that sold your data are the same ones most people still pay every month. Switching moves your money to a company that hasn’t demonstrated a willingness to sell you out.

World Mobile is built on a different model — privacy as a core feature, not an upsell. Every plan includes a built-in VPN. No history of selling customer data. The business model runs on subscription revenue, not data monetization on the side.

And the hidden fees your carrier charges aren’t the only thing they’ve been hiding from you. The location data scandal is a reminder that there are revenue streams you don’t see and data flows you never agreed to.

Switching Is Easier Than You Think

If the idea of switching carriers feels like a hassle, it’s worth knowing that the process has gotten significantly simpler in the past few years.

If your phone supports eSIM (most phones made after 2020 do), you can activate a new carrier in minutes without visiting a store or waiting for anything in the mail. You scan a QR code, your new service activates, and you’re done.

Worried about losing your phone number? You don’t have to. You can keep your existing number when you switch carriers. Number porting is a legal right, and the process typically completes within a few hours.

There are no contracts with carriers like World Mobile, so there’s no commitment if you want to try it. Sign up, test the service, and if it works for you, you’ve just moved to a carrier that doesn’t have a Supreme Court ruling confirming it sold your data.

Woman switching phone carriers on smartphone using eSIM setup screen outdoors

The Bigger Picture

This ruling is a landmark moment for consumer privacy, but it’s also a reminder of how slowly accountability moves. The behavior started over a decade ago. Journalists exposed it in 2018. The FCC proposed fines in 2020. The carriers fought the fines for six years. The Supreme Court ruled in 2026. The total elapsed time from when carriers started selling data to when they faced final consequences: roughly fourteen years.

During that time, millions of Americans had their location tracked, packaged, and sold without consent. Some of that data was used by stalkers. Some was used to circumvent constitutional protections against warrantless surveillance. The financial penalty amounts to a small fraction of the revenue the practice generated.

The system worked, eventually. But it worked slowly, and the penalties are modest relative to the harm. If you’re waiting for regulation to protect your privacy, you’ll be waiting a long time. The more reliable approach is to choose service providers that align with your values and vote with your wallet.

The carriers that sold your data are still in business. They’re still collecting your location information. The only thing that’s changed is that they’ve been told they’ll be fined if they sell it again. Whether that’s enough to stop them depends on whether the next fine is large enough to matter.

Or you can switch to a carrier that never sold your data in the first place.

Compare carriers and find a plan that respects your privacy or visit hexymobile.com to get started.

Ready to switch? Plans start at $15/mo.

Sign Up at HexyMobile

Plans start at $15/mo. No contracts.

Get Started