FCC chairman Ajit Pai has sent a letter to the House Energy and Commerce Committee, stating that the commission’s Enforcement Bureau has found that US carriers “apparently” broke the law by selling the location data of their unknowing customers. “I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC’s rules, including those that protect consumers’ sensitive information, such as real-time location data,” Pai wrote. 

The controversy originated with a Motherboard report that made clear just how negligent carriers including T-Mobile, Sprint, and AT&T had gotten with selling the real-time location of their wireless subscribers. That information could trickle down to bounty hunters and complete strangers for a worryingly small amount of money — without the wireless customers ever having a clue.

Carriers tried to ease the resulting blowback by saying either they would stop their location sales practices or had already done so. AT&T even went so far as to argue it wasn’t violating any laws. But US lawmakers still wanted a better understanding of how such sensitive data was getting around so freely, which led Energy and Commerce Committee Chair Rep. Frank Pallone (D-NJ) to summon Pai to an “emergency briefing” that the FCC chairman ended up skipping.

Now, after what Pai says was an “extensive investigation,” the question turns to just how severely the FCC will penalize the mobile providers involved. Will it be something substantial or merely a wrist slap that leaves no lasting reminder for the companies that gave away some of the most sensitive data your phone can produce?

“Following our longstanding calls to take action, the FCC finally informed the Committee today that one or more wireless carriers apparently violated federal privacy protections by turning a blind eye to the widespread disclosure of consumers’ real-time location data,” Pallone said in a statement after receiving the letter. “This is certainly a step in the right direction, but I’ll be watching to make sure the FCC doesn’t just let these lawbreakers off the hook with a slap on the wrist.”

In his letter, Pai said he intends to circulate a “notice of apparent liability for forfeiture” to his fellow commissioners in the coming days, so we won’t have to wait long to find out what level of punishment awaits the carriers.