The New Cookie Monster: Verizon, AT&T are Watching your Web Browsing

by Matt Klassen on November 7, 2014

Do you ever wonder how those advertising pop-ups on Facebook or other parts of the Internet know the websites and products you just viewed? While there are a number of ways of tracking and compiling your web browsing habits, Internet service providers Verizon and AT&T have employed their own devious tricks to gain knowledge about their respective customer bases, inserting so-called “supercookies” into users’ mobile browsers, little innocuous pieces of code that can’t be deleted or disabled that the carriers then use to track customers’ mobile web-browsing activities…without users’ knowledge of course.

Now the unfortunate thing for us is that the use of “supercookies” by Verizon and AT&T is nothing new, in fact Big Red, by its own admission no less, has been using them for two years, compiling search and browsing data that helps carriers create a user profile about your habits, a profile they then sell to advertisers.

Although this issue isn’t new, the scary thing is that no one really knows about it, and that’s why this week The Electronic Frontier Foundation renewed its protests against the use of supercookies, arguing that the secretive nature of the data mining coupled with the fact users have no control over it constitutes a gross betrayal of user trust.

“Verizon and AT&T should immediately stop modifying their customers’ Web browsing to insert the supercookie, and should re-engineer the program so that it functions on a true opt-in basis,” Electronic Frontier Foundation’s Senior Staff Technologist Jacob Hoffman-Andrews told the E-Commerce Times. “Modifying customer Web browsing is too invasive to do without consent.”

The devious ingenuity of the user of supercookies is that they don’t act like normal third-party cookies, that is, small packets of data that are normally sent from a website to your computer when you visit a website, and thus these supercookies are not subject to normal security controls and cannot be restricted or refused and they can’t be taken out by disabling third-party cookies in your browser settings.

Both Verizon and AT&T have defended their use of supercookies, explaining that the data collected by these supercookies are anonymized, meaning Verizon or AT&T don’t know specifically what person visited what websites, but instead only knows what computers or mobile devices visited those websites, not great if you have a shared computer.

While the use of supercookies is unquestionably devious and a serious betrayal of user trust, we shouldn’t be surprised carriers embraced this new method, as mobile ad spending is expected to top $31 billion this year. “Targeted advertising dollars are incredibly valuable,” Joe Hoffman, a practice director at ABI Research, told the E-Commerce Times. “Couple this website tracking with the location data they have, and we are looking at the money-printing machine of tomorrow.”

Simply put, the only thing more valuable to Verizon and AT&T than their respective customers, is the rich data mine those customers represent, information that can be collected, compiled, and sold to the highest bidder…until those customers catch wind of it that is.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Previous post:

Next post: