Instead of providing notice to customers and obtaining or verifying customer consent itself, Verizon “largely delegated those functions via contract,” the court said. This system and its shortcomings were revealed in 2018 when “the New York Times published an article reporting security breaches involving Verizon’s (and other major carriers’) location-based services program,” the court said.
Securus Technologies, a provider of communications services to correctional facilities, “was misusing the program to enable law enforcement officers to access location data without customers’ knowledge or consent, so long as the officers uploaded a warrant or some other legal authorization,” the ruling said. A Missouri sheriff “was able to access customer data with
→ Continue reading at Ars Technica