Forget About the NSA, What Personal Data Does Your Phone Carrier Collect?

It is hard to find someone who wasn’t appalled when they learned of the large amounts of private data the government was collecting on all of us. Likewise, social media websites like Facebook have faced repeated controversy over their privacy rules that users often never read. In fact, Carnegie Mellon researchers determined that it would take the average American 76 work days to read all the privacy policies they agreed to each year.

Let’s face it, many of the companies providing the “free” services we enjoy have concluded that to monetize their business model they have to collect and sell our personal data. This has become such a large social issue that there is now a great billboard campaign by Bittorent pointing out just how much control of our personal data we have surrendered. Despite our willingness to surrender our personal data, companies still can cross the line in their rush to collect data gold.


Just last week, the Federal Communications Commission issued a Media Statementrevealing that Verizon has agreed to pay $7.4 million to settle a federal complaint against the cell phone company for violating the privacy rights of nearly two million customers. In addition to the $7.4 million payment, Verizon has agreed to notify customers of their opt-out rights on every bill for the next three years.


It is downright scary when you think about what your phone company could collect if they wanted too. If a stranger asked you for a list of all the calls and text messages that you sent and received and how long and how often you access the Internet or check email, you would never willing give that up would you? What if you were asked for your financial information, passwords, calendar, age, gender and your current location? Would you provide any of this information? What about those “private” pictures you have on your phone that you thought no one would ever see?


All of this information and more from your smartphone is available to those with access and there is little you can do to prevent your service provider (e.g., Verizon, AT&T, Sprint, T-Mobile) from collecting data about you. At a minimum, most service providers acknowledge obtaining the following:

  • Incoming and outgoing calls: the phone numbers you call, the numbers that you receive calls from, and the duration of the call;
  • Incoming and outgoing text messages: the phone numbers you send texts to and receive texts from;
  • How often you check your e-mail or access the Internet;
  • Your location.

Verizon’s Privacy Policy lists the information that they collect from their customers and how they use it, including:


“…information about our customers and website visitors when you interact with us, when you use our products and services, and when you visit our websites”;


“…obtain consumer information (such as demographic and interest data) from outside companies who provide such data. We use this data and combine it with other information we have to help us predict customer preferences and direct marketing offers.”


“When you establish an online account with us, we maintain information about your user identification, password and secret questions and answers. This information is used to identify you when you sign in to your account.”


“When you use social media credentials to login to or otherwise interact with a Verizon site or offer, we may collect information about your social media profile, such as your interests, “likes” and friends list. We may use this information, for example, to personalize your Verizon experiences and marketing communications, to enhance our services and to better serve you.”


Beginning in 2009 global data output began to double every two years. By 2020 the annual global data will be 50 times as much as in 2010. “Who would want to use all this information about me?” you might ask yourself. Definitely, criminals, advertisers, and perhaps, the Government place great value on obtaining this information. Smartphones hold an extraordinary amount of personal information, and this is growing everyday, so consider what would happen if others had unfettered access to your phone.


Travis LeBlanc, Acting Chief of the FCC’s Enforcement Bureau said when announcing the Verizon fine, “In today’s increasingly connected world, it is critical that every phone company honor its duty to inform customers of their privacy choices and then to respect those choices. It is plainly unacceptable for any phone company to use its customers’ personal information for thousands of marketing campaigns without even giving them the choice to opt out.” Each telephone company, be it long distance, VoIP, wireless or local must follow these customer information rules so be sure to make your privacy choices clear to each customer.


It’s clear that the definition of privacy has changed drastically in the digital age. While smartphones and mobile carriers may be the agents of change in creating a new definition, they certainly they are not the only ones. As standards of privacy continue to morph and the amount of personal information available online grows, knowledge remains your best weapon in protecting yourself and your information.


Disclaimer: This article discusses general legal issues, but it does not constitute legal advice. No reader should act or refrain from acting on the basis of any information presented herein without seeking the advice of counsel in the relevant jurisdiction. Siddel Law expressly disclaims all liability in respect of any actions taken or not taken based on any contents of this article.

Back to Blog