When the punishment for the crime is a fine, it's just a subscription service that allows the wealthy to break rules, trust and expectations.

But, let's push that fine up to $40 billion US (with a b) and see what happens. If we need to go harder, let's add some enforceability, too. Maybe they have 1 year to pay it or lose the right to do business in the US (or whatever country) for 12 months? Get creative with the pain, but cause it none the less.

Walk softly, but carry a big stick.

>In their last quarter alone they made over 9k million USD, if I'm reading it right [0].

How much did they make selling or otherwise monetizing location data?

Not much of a protection. They will just add one more line in the 50 pages terms of service you have to agree to to get a contract.

Nope. The court is applying an old law that specifically applies to carriers providing "telecommunications services", no one else.

(Incidentally, even the term "telecommunications service" only encompasses voice call service, not mobile data or SMS. The FCC tried to reclassify Internet access as a telecommunications service during the Obama and Biden administrations, in order to get authority to impose net neutrality rules, but it was ultimately overturned in court.)

That was probably a sound legal strategy. Selling location data without consent is obviously unethical behavior that should be illegal. A jury is more likely to rule on the basis of that; with a judge maybe there's a chance that a technicality in the law leads to a ruling in their favor.

Anyway, this practice should be criminalized with companies and their employees receiving criminal penalties like jail time.

I feel like a cop looking at this company’s behavior. “If you’re not guilty why are you acting guilty, Verizon?”

gps spoofer perhaps?

Even better, the fine should be a percentage of the whole annual company revenue. So the action cannot be evaluated with an isolated break-even calculation.

Exactly. If a shoplifter only paid a small percentage for stolen goods it would become a great career same as surveillance capitalism.

As a fun but impractical thought-experiment, imagine the differences in a world with a rule like: "If you voluntarily share data about a customer which becomes instrumental in crime committed against that customer, the company is considered an accomplice to the crime."

It's not just telecom, the usage data of a product is naturally an asset of every company.

It's just a matter whether this data contains PI (=Personal Information) or (!) PII (=Personally Identifiable Information --> Information that can be combined with other data to create PI).

The EU GDPR (here mostly known for consent-popups on websites it seems) allows companies to keep this kind of data but requires very strict governance and user-consent if the data contains PI or PII.

And everyone who worked in a larger company at the time of enforcement saw the wonders it did. Suddenly whole departments reviewed the amount of data they collect, and found there was a huge portion of telemetry data that was actually NOT needed to preserve this asset-value (Names, Addresses, Serial numbers, etc...)

Or transfer to the "Archive of the presidency" upon retirement of the current president, so it can be used to finance e.g. jet fuel... /s

The grass is always greener on the other side. I live in the EU and GDPR isn't much better. All it requires is "informed consent" (i.e a click or a tap on a button) from the "data subject" and people can evade privacy with impunity. The only side effect is that those of us on this side of the pond, get ugly cookie banners.