I bought a NET10 international SIM card 7 years ago. Only used it for a couple weeks. Last month I asked them to delete my account. Spoke to 3 people and they weren't able to do it. One agent outright lied and said he did, but I was still able to log in after the fact. The best they managed was to change some of the profile details on the account (name, etc).
I submitted a formal request under California's "Right to Delete" legislation (CCPA section 1798.105).
The response was a formal letter from the parent company denying my request. It's a template letter with legalese bullshit that's totally inapplicable (e.g. they argue there's still a "business relationship", even though we haven't done any business in 7 years).
NET10 is owned by TracFone Wireless, which in turn is 100% owned by América Móvil (NYSE:AMX, $41B market cap). I believe they had my address, email address, phone number, date of birth, etc.
It's disgusting what these giant telco bastards get away with. Why don't US laws have the same "teeth" as GDPR, and any advice to force them to delete my data? (e.g. If anyone here advocates for this sort of thing on social media and wants a slightly-redacted copy of the letter to publicly shame them I'd be happy to deliver that).
FWIW, the GDPR doesn't have too much teeth, either; most big players haven't received big fines. The biggest fine to date has been the French fine of EUR 50m on Google, and Facebook has gotten off almost entirely scot-free so far. That should tell you almost everything you need to know about how effective the GDPR has been.
Of course, I don't mean to say the GDPR is useless. There's a lot of good work being done, and an Italian telecom was fined ~EUR28 mn for violations similar to what you had to face. I just think GDPR enforcement needs to step it up and hit the usual suspects with fines that go beyond a slap on the wrist for it to really change the world. You can track major fines using an enforcement tracker, I check on [1], but you can also just google it every now and then to stay up to date.
To be fair, it's pretty difficult to sue a megacorp and make it stick, so I suspect that we won't see either Google or FB be massively penalised till late 2021 or early 2022.
By which point FB will no longer exist in Europe (as they recently claimed that the Privacy Shield ruling would require them to do).
I submitted a formal request under California's "Right to Delete" legislation (CCPA section 1798.105).
The response was a formal letter from the parent company denying my request. It's a template letter with legalese bullshit that's totally inapplicable (e.g. they argue there's still a "business relationship", even though we haven't done any business in 7 years).
NET10 is owned by TracFone Wireless, which in turn is 100% owned by América Móvil (NYSE:AMX, $41B market cap). I believe they had my address, email address, phone number, date of birth, etc.
It's disgusting what these giant telco bastards get away with. Why don't US laws have the same "teeth" as GDPR, and any advice to force them to delete my data? (e.g. If anyone here advocates for this sort of thing on social media and wants a slightly-redacted copy of the letter to publicly shame them I'd be happy to deliver that).