US fraud detection firm accused of data privacy violations

U.S.-based fraud detection firm TeleSign, its parent company Proximus, and major telecommunications provider BISC have been alleged by the European Center for Digital Rights, also known as noyb, to have committed violations of the General Data Protection Regulation after leveraging cell data to enable reliability rankings for billions of phone users, reports The Record, a news site by cybersecurity firm Recorded Future. In a complaint filed with the Belgian Data Protection Authority, noyb noted that data including technology used by subscribers for calls and texts, activity frequency, and call duration have been shared by BISC to TeleSign, which then leveraged an algorithm to analyze the data to determine client rankings. "The systematic and massive transfer of all telephone numbers to TeleSign so that the latter can assign a score to each number is not proportionate. It amounts to putting on file all users whose communications transit through BICS, even though such systematic retention of data for police and judicial purposes is only permitted under very strict conditions," said the complaint.