AT&T has stopped offering its 5G home Internet service in New York instead of complying with a new state law that requires ISPs to offer $15 or $20 plans to people with low incomes.
The decision was reported yesterday by CNET and confirmed by AT&T in a statement provided to Ars today. “While we are committed to providing reliable and affordable Internet service to customers across the country, New York’s broadband law imposes harmful rate regulations that make it uneconomical for AT&T to invest in and expand our broadband infrastructure in the state,” AT&T said. “As a result, effective January 15, 2025, we will no longer be able to offer AT&T Internet Air, our fixed-wireless Internet service, to New York customers.”
New York started enforcing its Affordable Broadband Act yesterday after a legal battle of nearly four years. Broadband lobby groups convinced a federal judge to block the law in 2021, but a US appeals court reversed the ruling in April 2024, and the Supreme Court decided not to hear the case last month.
The law requires ISPs with over 20,000 customers in New York to offer $15 broadband plans with download speeds of at least 25Mbps, or $20-per-month service with 200Mbps speeds. The plans only have to be offered to households that meet income eligibility requirements, such as qualifying for the National School Lunch Program, Supplemental Nutrition Assistance Program, or Medicaid.
AT&T’s Internet Air was launched in some areas in 2023 and is now available in nearly every US state. The standard price for Internet Air is $60 a month plus taxes and fees, or $47 when bundled with an eligible mobile service. Nationwide, AT&T said it added 135,000 Internet Air customers in the most recent quarter.
“All voice and 5G data services for AT&T wireless customers were unavailable, affecting more than 125 million devices, blocking more than 92 million voice calls, and preventing more than 25,000 calls to 911 call centers,” the Federal Communications Commission said in a report after a months-long investigation into the incident.
The FCC report said the nationwide outage began three minutes after “AT&T Mobility implemented a network change with an equipment configuration error.” This error caused the AT&T network “to enter ‘protect mode’ to prevent impact to other services, disconnecting all devices from the network.”
The FCC found various problems in AT&T’s processes that increased the likelihood of an outage and made recovery more difficult than it should have been. The agency described “a lack of adherence to AT&T Mobility’s internal procedures, a lack of peer review, a failure to adequately test after installation, inadequate laboratory testing, insufficient safeguards and controls to ensure approval of changes affecting the core network, a lack of controls to mitigate the effects of the outage once it began, and a variety of system issues that prolonged the outage once the configuration error had been remedied.”
AT&T said it implemented changes to prevent the same problem from happening again. The company could face punishment, but it’s less likely to happen under Trump’s pick to chair the FCC, Brendan Carr, who is taking over soon. The Biden-era FCC compelled Verizon Wireless to pay a $1,050,000 fine and implement a compliance plan because of a December 2022 outage in six states that lasted one hour and 44 minutes.
An AT&T executive told Reuters that the company has been trying to regain customers’ trust over the past few years with better offers and product improvements. “Four years ago, we were losing share in the industry for a significant period of time… we knew we had lost our customers’ trust,” Reuters quoted AT&T Executive VP Jenifer Robertson as saying in an article today.
An AT&T customer who switched to the company’s FirstNet service for first responders got quite the shock when his bill came in at $6,223.60, instead of the roughly $260 that his four-line plan previously cost each month.
The Texas man described his experience in a now-deleted Reddit post three days ago, saying he hadn’t been able to get the obviously incorrect bill reversed despite calling AT&T and going to an AT&T store in Dallas. The case drew plenty of attention and the bill was finally wiped out several days after the customer contacted the AT&T president’s office.
The customer said he received the billing email on December 11. An automatic payment was scheduled for December 15, but he canceled the autopay before the money was charged. The whole mess took a week to straighten out.
“I have been with AT&T for over a decade and I have always had unlimited plans so I knew this was a mistake,” he wrote. “The only change I have made to my account is last month I moved my line over to FirstNet. I am a first responder and I was told my price per month would actually go down a few dollars a month.”
“We have apologized for the inconvenience”
AT&T confirmed to Ars today that it “straightened out the customer’s bill.”
“We understand how frustrating this must have been for [the customer] and we have apologized for the inconvenience. We have resolved his concerns about his bill and are investigating to determine what caused this system error,” an AT&T spokesperson told Ars.
The customer posted screenshots of his bill, which helpfully pointed out, “Your bill increased $5,956.92” since the previous month. It included a $5.73 “discount for first responder appreciation,” but that wasn’t enough to wipe out a $6,194 line item listed as “Data Pay Per use 3,097MB at $2.00 per MB.”
Telecom companies aren’t required to notify customers about every breach. A Federal Communications Commission order in December 2023 adopted a “harm-based notification trigger” in which “notification of a breach to consumers is not required in cases where a carrier can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach, or where the breach solely involves encrypted data and the carrier has definitive evidence that the encryption key was not also accessed, used, or disclosed.”
The FCC said that harm requiring notifications can include, but is not limited to, “financial harm, physical harm, identity theft, theft of services, potential for blackmail, the disclosure of private facts, the disclosure of contact information for victims of abuse, and other similar types of dangers.”
The FCC order argued that the harm-based standard would let carriers “focus their time, effort, and financial resources on the most important and potentially harmful incidents” and protect “customers from over-notification and notice fatigue, specifically in instances where the carrier has reasonably determined that no harm is likely to occur.”
Senator: Telecoms should tell customers
US Sen. Ron Wyden (D-Ore.) this week criticized the carriers for having weak security and the FCC for “let[ting] phone companies write their own cybersecurity rules.” Wyden proposed legislation to beef up telecom security requirements.
A spokesperson for Wyden today said that carriers should notify the affected customers.
“Senator Wyden strongly supports the phone companies notifying their customers about the theft of their data,” the spokesperson told Ars. “Not only do Americans have a right to be told that their information was stolen, but this is useful information that could result in some consumers voting with their wallets and switching service to carriers that retain less data and or have better cybersecurity.”
Stanford University researchers collected and studied telephone metadata for a 2016 paper to determine how it could be used against customers. “Using crowdsourced telephone logs and social networking information, we find that telephone metadata is densely interconnected, susceptible to reidentification, and enables highly sensitive inferences,” they wrote.
AT&T is ditching copper and building fiber, but many will get only 5G or satellite.
AT&T this week detailed plans to eliminate copper phone and DSL lines from its network while leaving many customers in rural areas with only wireless or satellite as an alternative.
In a presentation for analysts and investors on Tuesday, AT&T said it has a “wireless first” plan for 50 percent of its 500,000-square-mile wireline territory and a “fiber first” plan for the rest. The more sparsely populated half accounts for 10 percent of the potential customer base, and AT&T does not plan to build fiber home Internet for those users.
AT&T said it expects to be able to ditch copper because of state-level deregulation and the impending shift in power at the Federal Communications Commission, where Trump pick Brendan Carr is set to become the chairman. California is the only state out of 21 in AT&T’s wireline territory that hasn’t yet granted AT&T’s request for deregulation of old networks.
An AT&T press release said the company “is actively working to exit its legacy copper network operations across the large majority of its wireline footprint by the end of 2029.” AT&T’s wireline footprint has 88 million locations, said Susan Johnson, an AT&T executive VP in charge of supply chain and wireline transformation.
About 21 million of those have access only to voice service. The other 67 million are eligible for Internet access, and 29 million of those have access to fiber already. AT&T plans to boost its number of fiber locations to 45 million by the end of 2029 but says it isn’t profitable enough to build fiber to the other parts of its old landline phone and DSL networks.
AT&T: Fiber not profitable enough in half of footprint
AT&T reported that its residential business has 13.97 million Internet connections, including 9.02 million fiber connections. Many copper users who don’t get fiber will be able to use 5G-based home broadband with AT&T Internet Air and wireless phone service with AT&T Phone-Advanced. Johnson said that Internet Air offers “up to 25 times faster speeds than legacy ADSL.” But customers who don’t get access to the terrestrial wireless service may have to use satellite.
“Wireless first is the name for our wire center areas where we have not built and do not plan to build residential fiber. There’s not an economic path to do so,” Johnson said. “These wire centers may still have fiber supporting businesses or cell sites but no consumer fiber. This is about 50 percent of our land area but it’s only 10 percent of the population.” These areas have “four remaining copper customers per square mile,” she said.
Wireless home phone service will be available to “the vast majority of our existing copper-based customers,” but not all, she said. In some areas, “we will need to work with our customers to move them to other technologies, including satellite. But we’ve made a pledge that we’re going to keep our customers connected through the process and make sure that no customer loses access to voice or 911 services.”
Johnson said AT&T’s “plan is to have no customers using copper services in these wire center areas by the end of 2027.” A Republican-majority FCC will help, she said.
“We are going to work with the FCC to speed up and scale this process, and with the new administration we are optimistic that we can make even more progress in simplifying our networks and migrating our customers over the next several years,” Johnson said.
She said that AT&T Phone-Advanced “was specifically designed to meet the FCC’s criteria as an adequate replacement product for our traditional landline phone service, and we have successfully completed the testing with the FCC and we are continuing to move through their preview process.”
AT&T has an application pending with the FCC in a small number of wire centers, “which, if approved, would allow us to replace traditional landline phone service, think POTS [Plain Old Telephone Service], our most regulated product, with AT&T Phone Advanced,” Johnson said.
California demanded more reliable service
AT&T already achieved what Johnson called “an absolutely critical precedent” earlier this year when the FCC allowed it to stop accepting new copper-based service orders in 60 wire centers across 13 states, she said. A wire center consists of a central office and the surrounding infrastructure, including the copper lines that stretch from the central office to homes and businesses. AT&T has 4,600 wire centers in the US, Johnson said.
Notably, AT&T’s plan to ditch copper currently excludes California, where the Public Utilities Commission rejected AT&T’s request to end its landline phone obligations in a June 2024 ruling. “California is not included in the plans I just laid out for you. We are continuing to work with policy makers to define our path in that state,” Johnson said.
AT&T is still classified as a Carrier of Last Resort (COLR) in California, and the state telecom agency rejected AT&T’s argument that VoIP and mobile services could fill the gap that would exist if AT&T escaped that obligation. Residents “highlighted the unreliability of voice alternatives” at public hearings, the agency said.
An administrative law judge at the California agency said AT&T falsely claimed that commission rules require it “to retain outdated copper-based landline facilities that are expensive to maintain.” AT&T is allowed to upgrade those lines from copper to fiber, the agency said.
AT&T achieved its goal of deregulation in the other 20 states where it has wireline operations, Johnson said. “While California is the last state to modernize, we’ve started a process there and we will continue to work towards this objective,” she said.
The deregulation in other states already helped AT&T stop offering old services in “about 250,000 square miles where we have met the regulatory requirements to no longer offer regulated services because our customers have moved on to other services,” Johnson said.
AT&T planned to hit that milestone by 2025 but achieved it this year, she said. But as Johnson stressed, AT&T wants to get rid of copper in the remaining 500,000 square miles. “This is really good progress… however, without the full discontinuance of services across an entire wire center geography, we’re unable to stop the maintenance, repair, and attack the more fixed infrastructure costs,” she said.
Copper network degrading
Johnson said that AT&T is “seeing declining reliability with storms and increased copper theft. Copper simply does not do well with water and flooding, and repairs are very labor-intensive.” State regulators have said the declining reliability is largely AT&T’s fault. Many copper lines deteriorated because AT&T failed to do maintenance that would prevent lengthy outages and other troubles, a 2019 investigation by California state regulators found.
As noted earlier, AT&T said it plans to have no customers using copper in half of its territory by the end of 2027. In the other half, where AT&T described a “fiber first” strategy, there will nonetheless be copper customers who won’t get a fiber upgrade and will have to stop using copper by the end of 2029, Johnson said.
AT&T plans to build lots of fiber in the more populated half, but “not every customer location will be reached with fiber in these areas and we will still serve some of the customers in these areas with wireless alternatives,” Johnson said. AT&T’s “plan is to have no customer using copper services in these wire center areas by the end of 2029.”
The biggest beneficiaries of AT&T’s copper retirement may be shareholders. Johnson said the old network is an energy hog and has $6 billion in annual expenses. “Overall, our legacy business is profitable today but the revenue declines are accelerating,” she said.
AT&T is selling copper after it is decommissioned and leasing out some unused central offices. “By targeting the complete customer transition in a wire center, with the least profitable wire centers first, we are able to remove these geographic costs and really optimize margins as we move towards exiting copper services,” Johnson said.
Besides the 45 million existing and planned fiber locations, AT&T said its total fiber footprint by 2029 will include another 5 million or so locations through Gigapower, a joint venture with Blackrock, and agreements with commercial open-access providers.
Jon is a Senior IT Reporter for Ars Technica. He covers the telecom industry, Federal Communications Commission rulemakings, broadband consumer affairs, court cases, and government regulation of the tech industry.
Both AT&T and Verizon cite the Supreme Court’s June 2024 ruling in Securities and Exchange Commission v. Jarkesy, which held that “when the SEC seeks civil penalties against a defendant for securities fraud, the Seventh Amendment entitles the defendant to a jury trial.”
The Supreme Court ruling, which affirmed a 5th Circuit order, had not been issued yet when the FCC finalized its fines. The FCC disputed the 5th Circuit ruling, saying among other things that Supreme Court precedent made clear that “Congress can assign matters involving public rights to adjudication by an administrative agency ‘even if the Seventh Amendment would have required a jury where the adjudication of those rights is assigned to a federal court of law instead.’”
Of course, the FCC will have a tougher time disputing the Jarkesy ruling now that the Supreme Court affirmed the 5th Circuit. Verizon pointed out that in the high court’s Jarkesy decision, “Justice Sotomayor, in dissent, recognized that Jarkesy was not limited to the SEC, identifying many agencies, including the FCC, whose practice of ‘impos[ing] civil penalties in administrative proceedings’ would be ‘upend[ed].’”
Verizon further argued: “As in Jarkesy, the fact that the FCC seeks ‘civil penalties… designed to punish’ is ‘all but dispositive’ of Verizon’s entitlement to an Article III court and a jury, rather than an agency prosecutor and adjudicator.”
Carriers: We didn’t get fair notice
Both carriers said the FCC did not provide “fair notice” that its section 222 authority over customer proprietary network information (CPNI) would apply to the data in question.
When it issued the fines, the FCC said carriers had fair notice. “CPNI is defined by statute, in relevant part, to include ‘information that relates to… the location… of a telecommunications service,’” the FCC said.
AT&T improperly obtained money from a government-run broadband discount program by submitting duplicate requests and by claiming subsidies for thousands of subscribers who weren’t using AT&T’s service. AT&T obtained funding based on false certifications it made under penalty of perjury.
AT&T on Friday agreed to pay $2.3 million in a consent decree with the Federal Communications Commission’s Enforcement Bureau. That includes a civil penalty of $1,921,068 and a repayment of $378,922 to the US Treasury.
The settlement fully resolves the FCC investigation into AT&T’s apparent violations, the consent decree said. “AT&T admits for the purpose of this Consent Decree and for Commission civil enforcement purposes” that the findings described by the FCC “contain a true and accurate description of the facts underlying the Investigation,” the document said.
In addition to the civil penalty and repayment, AT&T agreed to a compliance plan designed to prevent further violations. AT&T last week reported quarterly revenue of $30.2 billion.
AT&T made the excessive reimbursement claims to the Emergency Broadband Benefit Program (EBB), which the US formed in response to the COVID-19 pandemic, and to the EBB’s successor program, the Affordable Connectivity Program (ACP). The FCC said its rules “are vital to protecting these Programs and their resources from waste, fraud, and abuse.”
AT&T praises itself for using federal program
We contacted AT&T today and asked for an explanation of what caused the violations. Instead, AT&T provided Ars with a statement that praised itself for participating in the federal discount programs.
“When the federal government acted during the COVID-19 pandemic to stand up the Emergency Broadband Benefit program, and then the Affordable Connectivity Program, we quickly implemented both programs to provide more low-cost Internet options for our customers. We take compliance with federal programs like these seriously and appreciate the collaboration with the FCC to reach a solution on this matter,” AT&T said.
The EBB provided monthly subsidies of $50 for eligible households, while the ACP offered $30 a month. Telecoms provided the discounts to subscribers directly and sought reimbursement from the programs. The ACP ended a few months ago after Congress did not provide additional funding.
Carriers fight plan to require unlocking of phones 60 days after activation.
T-Mobile and AT&T say US regulators should drop a plan to require unlocking of phones within 60 days of activation, claiming that locking phones to a carrier’s network makes it possible to provide cheaper handsets to consumers. “If the Commission mandates a uniform unlocking policy, it is consumers—not providers—who stand to lose the most,” T-Mobile alleged in an October 17 filing with the Federal Communications Commission.
The proposed rule has support from consumer advocacy groups who say it will give users more choice and lower their costs. T-Mobile has been criticized for locking phones for up to a year, which makes it impossible to use a phone on a rival’s network. T-Mobile claims that with a 60-day unlocking rule, “consumers risk losing access to the benefits of free or heavily subsidized handsets because the proposal would force providers to reduce the line-up of their most compelling handset offers.”
If the proposed rule is enacted, “T-Mobile estimates that its prepaid customers, for example, would see subsidies reduced by 40 percent to 70 percent for both its lower and higher-end devices, such as the Moto G, Samsung A15, and iPhone 12,” the carrier said. “A handset unlocking mandate would also leave providers little choice but to limit their handset offers to lower cost and often lesser performing handsets.”
T-Mobile and other carriers are responding to a call for public comments that began after the FCC approved a Notice of Proposed Rulemaking (NPRM) in a 5–0 vote. The FCC is proposing “to require all mobile wireless service providers to unlock handsets 60 days after a consumer’s handset is activated with the provider, unless within the 60-day period the service provider determines the handset was purchased through fraud.”
When the FCC proposed the 60-day unlocking rule in July 2024, the agency criticized T-Mobile for locking prepaid phones for a year. The NPRM pointed out that “T-Mobile recently increased its locking period for one of its brands, Metro by T-Mobile, from 180 days to 365 days.”
T-Mobile’s policy says the carrier will only unlock mobile devices on prepaid plans if “at least 365 days… have passed since the device was activated on the T-Mobile network.”
“You bought your phone, you should be able to take it to any provider you want,” FCC Chairwoman Jessica Rosenworcel said when the FCC proposed the rule. “Some providers already operate this way. Others do not. In fact, some have recently increased the time their customers must wait until they can unlock their device by as much as 100 percent.”
T-Mobile locking policy more onerous
T-Mobile executives, who also argue that the FCC lacks authority to impose the proposed rule, met with FCC officials last week to express their concerns.
“T-Mobile is passionate about winning customers for life, and explained how its handset unlocking policies greatly benefit our customers,” the carrier said in its post-meeting filing. “Our policies allow us to deliver access to high-speed mobile broadband on a nationwide 5G network via handsets that are free or heavily discounted off the manufacturer’s suggested retail price. T-Mobile’s unlocking policies are transparent, and there is absolutely no evidence of consumer harm stemming from these policies. T-Mobile’s current unlocking policies also help T-Mobile combat handset theft and fraud by sophisticated, international criminal organizations.”
For postpaid users, T-Mobile says it allows unlocking of fully paid-off phones that have been active for at least 40 days. But given the 365-day lock on prepaid users, T-Mobile’s overall policy is more onerous than those of other carriers. T-Mobile has also faced angry customers because of a recent decision to raise prices on plans that were advertised as having a lifetime price lock.
AT&T enables unlocking of paid-off phones after 60 days for postpaid users and after six months for prepaid users. AT&T lodged complaints similar to T-Mobile’s, saying in an October 7 filing that the FCC’s proposed rules would “mak[e] handsets less affordable for consumers, especially those in low-income households,” and “exacerbate handset arbitrage, fraud, and trafficking.”
AT&T told the FCC that “requiring providers to unlock handsets before they are paid-off would ultimately harm consumers by creating upward pressure on handset prices and disincentives to finance handsets on flexible terms.” If the FCC implements any rules, it should maintain “existing contractual arrangements between customers and providers, ensure that providers have at least 180 days to detect fraud before unlocking a device, and include at least a 24-month period for providers to implement any new rules,” AT&T said.
Verizon, which already faces unlocking rules because of requirements imposed on spectrum licenses it owns, automatically unlocks phones after 60 days for prepaid and postpaid users. Among the three major carriers, Verizon is the most amenable to the FCC’s new rules.
Consumer groups: Make Verizon rules industry-wide
An October 18 filing supporting a strict unlocking rule was submitted by numerous consumer advocacy groups including Public Knowledge, New America’s Open Technology Institute, Consumer Reports, the National Consumers League, the National Consumer Law Center, and the National Digital Inclusion Alliance.
“Wireless users are subject to unnecessary restrictions in the form of locked devices, which tie them to their service providers even when better options may be available. Handset locking practices limit consumer freedom and lessen competition by creating an artificial technological barrier to switching providers,” the groups said.
The groups cited the Verizon rules as a model and urged the FCC to require “that device unlocking is truly automatic—that is, unlocked after the requisite time period without any additional actions of the consumer.” Carriers should not be allowed to lock phones for longer than 60 days even when a phone is on a financing plan with outstanding payments, the groups’ letter said:
Providers should be required to transition out of selling devices without this [automatic unlocking] capability and the industry-wide rule should be the same as the one protecting Verizon customers today: after the expiration of the initial period, the handset must automatically unlock regardless of whether: (1) the customer asks for the handset to be unlocked or (2) the handset is fully paid off. Removing this barrier to switching will make the standard simple for consumers and encourage providers to compete more vigorously on mobile service price, quality, and innovation.
In an October 2 filing, Verizon said it supports “a uniform approach to handset unlocking that allows all wireless providers to lock wireless handsets for a reasonable period of time to limit fraud and to enable device subsidies, followed by automatic unlocking absent evidence of fraud.”
Verizon said 60 days should be the minimum for postpaid devices so that carriers have time to detect fraud and theft, and that “a longer, 180-day locking period for prepaid is necessary to enable wireless providers to continue offering subsidies that make phones affordable for prepaid customers.” Regardless of what time frame the FCC chooses, Verizon said “a uniform unlocking policy that applies to all providers… will benefit both consumers and competition.”
FCC considers impact on phone subsidies
While the FCC is likely to impose an unlocking rule, one question is whether it will apply when a carrier has provided a discounted phone. The FCC’s NPRM asked the public for “comment on the impact of a 60-day unlocking requirement in connection with service providers’ incentives to offer discounted handsets for postpaid and prepaid service plans.”
The FCC acknowledged Verizon’s argument “that providers may rely on handset locking to sustain their ability to offer handset subsidies and that such subsidies may be particularly important in prepaid environments.” But the FCC noted that public interest groups “argue that locked handsets tied to prepaid plans can disadvantage low-income customers most of all since they may not have the resources to switch service providers or purchase new handsets.”
The public interest groups also note that unlocked handsets “facilitate a robust secondary market for used devices, providing consumers with more affordable options,” the NPRM said.
The FCC says it can impose phone-unlocking rules using its legal authority under Title III of the Communications Act “to protect the public interest through spectrum licensing and regulations to require mobile wireless service providers to provide handset unlocking.” The FCC said it previously relied on the same Title III authority when it imposed the unlocking rules on 700 MHz C Block spectrum licenses purchased by Verizon.
T-Mobile told the FCC in a filing last month that “none of the litany of Title III provisions cited in the NPRM support the expansive authority asserted here to regulate consumer handsets (rather than telecommunications services).” T-Mobile also said that “the Commission’s legal vulnerabilities on this score are only magnified in light of recent Supreme Court precedent.”
The Supreme Court recently overturned the 40-year-old Chevron precedent that gave agencies like the FCC judicial deference when interpreting ambiguous laws. The end of Chevron makes it harder for agencies to issue regulations without explicit authorization from Congress. This is a potential problem for the FCC in its fight to revive net neutrality rules, which are currently blocked by a court order pending the outcome of litigation.
Chinese government hackers penetrated the networks of several large US-based Internet service providers and may have gained access to systems used for court-authorized wiretaps of communications networks, The Wall Street Journal reported Saturday. “People familiar with the matter” told the WSJ that hackers breached the networks of companies including Verizon, AT&T, and Lumen (also known as CenturyLink).
“A cyberattack tied to the Chinese government penetrated the networks of a swath of US broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests,” the WSJ wrote. “For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful US requests for communications data, according to people familiar with the matter.”
These “attackers also had access to other tranches of more generic Internet traffic,” according to the WSJ’s sources. The attack is being attributed to a Chinese hacking group called Salt Typhoon.
The Washington Post reported on the hacking campaign yesterday, describing it as “an audacious espionage operation likely aimed in part at discovering the Chinese targets of American surveillance.” The Post report attributed the information to US government officials and said an investigation by the FBI, other intelligence agencies, and the Department of Homeland Security “is in its early stages.”
The Post report said there are indications that China’s Ministry of State Security is involved in the attacks.
Verizon reportedly working with FBI
Verizon reportedly set up a war room at its facility in Ashburn, Virginia, where it is working with personnel from the FBI, Microsoft, and Google subsidiary Mandiant.
Broadcom quoted AT&T a 1,050 percent price hike for VMware offerings, AT&T has claimed in legal documents.
AT&T sued Broadcom on August 29, accusing Broadcom of unlawfully denying it the second of three one-year renewals for support services that AT&T thinks it’s entitled to. AT&T cites a contract signed before Broadcom bought VMware. The telecommunications firm says it has 75,000 virtual machines (VMs) across approximately 8,600 servers running on VMware. Broadcom, which has stopped selling VMware perpetual licenses, has said that AT&T missed its opportunity to renew support and that the contract between VMware and AT&T has an “End of Availability” provision allowing VMware to retire products and services.
Legal filings from September 27 and spotted by The Register today show an email [PDF] that AT&T EVP and GM of wireline transformation and global supply chain Susan A. Johnson apparently sent to Broadcom CEO Hock Tan pointing to “an impasse” over VMware.
Johnson argued in the email that AT&T should have the right to renew support through September 2026 thanks to a previously signed five-year deal:
This proposed annual increase of +1,050% in one year is extreme and certainly not how we expect strategic partners to engage in doing business with AT&T.
A 1,050 percent price hike is the largest that Ars Technica has heard of being proposed by Broadcom. At this time, it’s unknown if AT&T’s claims are accurate. Broadcom hasn’t publicly commented on the allegations.
Many VMware customers have pointed to VMware becoming more expensive under Broadcom, though. Broadcom’s changes to selling VMware have reportedly included bundling products into only about two SKUs and higher CPU core requirements. In March, customers reportedly complained about price increases of up to 600 percent, per The Register. And in February, ServeTheHome said small cloud service providers reported prices increasing tenfold.
AT&T’s contract with VMware may be one of the firm’s bigger accounts. A 1,050 percent price hike would be another level, however, even for a company the size of AT&T. Per Johnson’s email, AT&T and Broadcom have had a “strategic relationship” for over a decade.
The email reads:
… AT&T has decided to pursue a legal strategy along with a disciplined plan to invest to migrate away, all of which will quickly become public. I truly wish we had another option. Unfortunately, this decision will impact the future of our overall relationship and how we manage spend in other Broadcom areas.
AT&T on potentially migrating off VMware
In her email, Johnson points to migration costs as impacting how much AT&T is willing to pay for VMware.
According to the message, projected costs for moving AT&T off of VMware are $40 million to $50 million. AT&T is said to use VMware-based VMs for customer services operations and for operations management efficiency. Per AT&T’s email, migration “has a very quick payback” and “strong” internal rate of return, “especially given the high licensing costs proposed.”
On September 20, Broadcom requested that AT&T’s request to block Broadcom from discontinuing VMware support be denied. In legal documents [PDF], Broadcom said that AT&T is planning to ditch VMware and that AT&T could have spent “the last several months or even years” making the transition.
In an affidavit filed on September 27 [PDF], Johnson stated that her email to Tan does not suggest that migration “would be easy, quick, or inexpensive” and that “none of those would be accurate statements.”
“My point was that although it is not easy, cheap, or quick to migrate off VMware, Defendants’ high fees will incentivize us to migrate to another solution,” the affidavit reads.
Johnson also claimed that AT&T started exploring options for getting off VMware in December but thought that it had time to make decisions, since it believed it could opt to renew support for its licenses until September 2026.
In another legal filing from September 27 [PDF], Gordon Mansfield, president of global technology planning at AT&T Services, says:
AT&T currently estimates it will take a period of years to transition all of its servers currently operating with the VMware software away from VMware. Moreover, Defendants have not made it easy to do so since we understand that they are preventing some vendors from selling certain products to us.
The filing didn’t get into further detail about how exactly Broadcom could be blocking product sales to AT&T. Broadcom hasn’t publicly responded to Mansfield’s claim.
Regarding AT&T’s lawsuit, Broadcom has previously told Ars Technica that it “strongly disagrees with the allegations and is confident we will prevail in the legal process.”
Since Broadcom’s VMware acquisition, most customers are expected to have at least considered ditching VMware. However, moving can be challenging and costly, as some IT environments are heavily dependent on VMware. The need to ensure that systems run as expected during the transition period has also complicated potential migrations.
While AT&T and Broadcom’s legal dispute continues, Broadcom has agreed to continue providing AT&T with VMware support until October 9. A preliminary injunction hearing is scheduled for October 15.
Broadcom is accusing AT&T of trying to “rewind the clock and force” Broadcom “to sell support services for perpetual software licenses… that VMware has discontinued from its product line and to which AT&T has no contractual right to purchase.” The statement comes from legal documents Broadcom filed in response to AT&T’s lawsuit against Broadcom for refusing to renew support for its VMware perpetual licenses [PDF].
On August 29, AT&T filed a lawsuit [PDF] against Broadcom, alleging that Broadcom is breaking a contract by refusing to provide a one-year renewal for support for perpetually licensed VMware software. Broadcom famously ended perpetual VMware license sales shortly after closing its acquisition in favor of a subscription model featuring about two bundles of products rather than many SKUs.
AT&T claims its VMware contract (forged before Broadcom’s acquisition closed in November) entitles it to three one-year renewals of perpetual license support, and it’s currently trying to enact the second one. AT&T says it uses VMware products to run 75,000 virtual machines (VMs) across about 8,600 servers. The VMs are for supporting customer services operations and operations management efficiency, per AT&T. AT&T is asking the Supreme Court of the State of New York to stop Broadcom from ending VMware support services for AT&T and for “further relief” as deemed necessary.
On September 20, Broadcom filed for AT&T’s motion to be denied. Its defense includes its previously taken stance that VMware was moving toward a subscription model before Broadcom bought it. The transition from perpetual licenses to subscriptions was years in the making and, thus, something for which AT&T should have prepared, according to Broadcom. Broadcom claims that AT&T has admitted that it intends to migrate away from VMware software and that AT&T could have spent “the last several months or even years” doing so.
The filing argues: “AT&T resorts to sensationalism by accusing Broadcom of using ‘bullying tactics’ and ‘price gouging.’ Such attacks are intended to generate press and distract the Court from a much simpler story.”
Broadcom claims the simple story is that:
… the agreement contains an unambiguous “End of Availability” provision, which gives VMware the right to retire products and services at any time upon notice. What’s more, a year ago, AT&T opted not to purchase the very Support Services it now asks the Court to force VMware to provide. AT&T did so despite knowing Defendants were implementing a long planned and well-known business model transition and would soon no longer be selling the Support Services in question.
Broadcom says it has been negotiating with AT&T “for months” about a new contract, but the plaintiff “rejected every proposal despite favorable pricing.”
Broadcom’s filing also questions AT&T’s request for a mandatory injunction, claiming that New York only grants those in “rare circumstances,” which allegedly don’t apply here.
AT&T has options, Broadcom says
AT&T’s lawsuit claims losing VMware support will cause extreme harm to itself and beyond. The lawsuit says that 22,000 of AT&T’s VMware VMs are used for support “of services to millions of police officers, firefighters, paramedics, emergency workers, and incident response team members nationwide… for use in connection with matters of public safety and/or national security.” It also claimed that communications for the Office of the President are at risk without VMware’s continued support.
However, Broadcom claims that AT&T has other choices, saying:
AT&T does have other options and, therefore, the most it can obtain is monetary damages. The fact that AT&T has been given more than eight-months’ notice and has in the meantime failed to take any measures to prevent its purported harm (e.g., buy a subscription for the new offerings or move to another solution) is telling and precludes any finding of irreparable harm. Even if AT&T thinks it deserves better pricing, it could have avoided its purported irreparable harm by entering in a subscription based deal and suing for monetary damages instead of injunctive relief.
AT&T previously declined to answer Ars Technica’s questions about its backup plans for supporting such important customers should it lose VMware support.
Broadcom has rubbed some customers the wrong way
Broadcom closed its VMware acquisition in November and quickly made dramatic changes. In addition to Broadcom’s reputation for overhauling companies after buying them, moves like ending perpetual licenses, taking VMware’s biggest customers directly instead of using channel partners, and raising costs by bundling products and issuing higher CPU core requirements have led customers and partners to reconsider working with the company. Migrating from VMware can be extremely challenging and expensive due to its deep integration into some IT environments, but many are investigating migration, and some expect Broadcom to face years of backlash.
As NAND Research founder and analyst Steve McDowell told TechTarget about this case:
It’s very unusual for customers to sue their vendors. I think Broadcom grossly underestimated how passionate the customer base is, [but] it’s a captive audience.
As this lawsuit demonstrates, Broadcom’s VMware has brought serious customer concerns around ongoing support. Companies like Spinnaker Support are trying to capitalize by offering third-party support services.
Martin Biggs, VP and managing director of EMEA and strategic initiatives at Spinnaker, told Ars Technica that his company provides support so customers can spend time determining their next move, whether that’s buying into a VMware subscription or moving on:
VMware customers are looking for options; the vast majority that we have spoken to don’t have a clear view yet of where they want to go, but in all cases the option of staying with VMware for the significantly increased fees is simply untenable. The challenge many have is that not paying fees means not getting support or security on their existing investment.
VMware’s support for AT&T was supposed to end on September 8, but the two companies entered an agreement to continue support until October 9. A hearing on a preliminary injunction is scheduled for October 15.
AT&T agreed to pay a $13 million fine because it gave customer bill information to a vendor in order to create personalized videos, then allegedly failed to ensure that the vendor destroyed the data when it was no longer needed. In addition to the fine, AT&T agreed to stricter controls on sharing data with vendors in a consent decree announced today by the Federal Communications Commission.
In January 2023, years after the data was supposed to be destroyed, the vendor suffered a breach “when threat actors accessed the vendor’s cloud environment and ultimately exfiltrated AT&T customer information,” the FCC said. Information related to 8.9 million AT&T wireless customers was exposed.
Phone companies are required by law to protect customer information, and AT&T should not have merely relied on third-party firms’ assurances that they destroyed data when it was no longer needed, the FCC said.
“AT&T used the vendor to generate and host personalized video content, including billing and marketing videos, for AT&T customers,” an FCC press release said. “Under AT&T’s contracts, the vendor should have destroyed or returned AT&T customer information when no longer necessary to fulfill contractual obligations, which ended years before the breach occurred. AT&T failed to ensure the vendor: (1) adequately protected the customer information, and (2) returned or destroyed it as required by contract.”
The data “remained in the vendor’s cloud environment for many years after it should have been deleted or returned to AT&T and was ultimately exposed” in the January 2023 breach, an FCC Enforcement Bureau order said.
Data should have been deleted in 2018
AT&T told the FCC that it shared customer data with the vendor between 2015 and 2017, and that data was supposed to be “securely destroyed or deleted” by 2018. The exposed data included “line count for all impacted customers, and bill balance and payment information and rate plan name and features for approximately one percent of impacted customers,” the FCC said.
AT&T told Ars today that the data “did not contain credit card information, Social Security Numbers, account passwords or other sensitive personal information.” AT&T said it notified customers of the breach in March 2023.
“AT&T stated that it monitored impacted customer accounts following the incident and identified no evidence of AT&T account-related fraud or other unlawful or unauthorized activity tied to the Breach,” the consent decree said. “According to AT&T, porting, SIM swap, and equipment fraud rates for impacted customers following the incident were consistently less than the rates for the general population of AT&T Mobility customers across all account types.”
When contacted by Ars, AT&T did not respond directly to the FCC’s allegation that it failed to ensure the vendor protected customer information. AT&T provided us with a statement saying, “A vendor we previously used experienced a security incident last year that exposed data pertaining to some of our wireless customers. Though our systems were not compromised in this incident, we’re making enhancements to how we manage customer information internally, as well as implementing new requirements on our vendors’ data management practices.”