Reports reveal AT&T, Verizon track users’ web activity

WIRELESS giants AT&T and Verizon may be violating privacy laws with coding that tracks its users’ web activity.

Recent reports have revealed that these telecommunications providers have been tracking more than 100 million mobile phone users with a code that collects data about every single web page visited. The code has been referred to as “supercookies” by critics, while Verizon calls it a unique identifier header (UIDH).

Verizon has been tracking users since November 2012, but said it only keeps tabs on “retail” customers, those who do not have contracts tied to businesses or the government.

CNET editor Tim Stevens said on “CBS This Morning” that it is upsetting that the companies have been watching its customers for a few years at this point, with knowledge surfacing just now.

A big concern he has is that these codes could compromise privacy.

“Anyone on the web can look at these identifiers and do a reverse look-up and figure out who you are and where you’ve been going across the web,” he said. “Especially if you’re, for example, sitting in a coffee shop and you’re surfing the web on an unencrypted connection. At that point, these IDs are kind of floating around in the air and anyone in the coffee shop could be monitoring all the traffic and looking at all those IDs and again seeing what sites you’re visiting even if they’re not looking at your computer.”

The codes used by AT&T and Verizon are similar to the cookies that are stored on computers when users visit Facebook or Google, which, among other things, track user browsing to better target advertisements. But a big difference between those from the two websites and those from the wireless companies is that codes from the latter cannot be erased.

The Washingon Post reported that users cannot escape these supercookies by browsing the web on private or incognito modes and that only encryption can prevent a supercookie from monitoring user activity.

With privacy at the heart of concern, another issue is that the activity of AT&T and Verizon may be violating wiretapping and federal telecommunication laws.

Both companies claim they have taken measures to inform customers about the tracking. However, Paul Ohm, a former Federal Trade Commission officer, told The Washington Post that if proven that the companies did not put enough effort into notifying customers, both companies could be put into a compromising position.

AT&T spokeswoman Emily Edmonds told The Post that the company’s supercookie changes every 24 hours to enhance privacy. But independent researchers say data collected this way still gets shared among advertisers and websites.

Additionally, Stevens said this data can be easily accessed over unencrypted connections, such as those at coffee shops.

Stevens also said AT&T customers can choose to opt out and they can remove the code and Verizon users can request to be removed from its advertising program, although it does not guarantee the company will delete the UIDH.

(With reports from CBS, The Washington Post)

(www.asianjournal.com)
(LA Midweek November 12-14, 2014 Sec. B pg.1)