Verizon will use its mobile supercookies to share users' browsing habits with AOL's ad network


Posts: 6,555   +58
Staff member

Verizon has updated its privacy policy to state that it now shares users’ unique information gathered by its ‘supercookie’ identifier, such as cellphone use and browsing habits, with the AOL Advertising Network in order to send out ads that are more personalized and targeted to a specific audience.

The update means that AOL’s ad network, which is on 40 percent of websites, will be able to target ads at visitors using information from Verizon’s database as well as its own. Verizon’s privacy notice states that the targeting criteria includes visitors’ address, email address, age range, gender, interests, location, mobile web browsing history and app usage. It can also track some non-mobile web browsing to sites carrying AOL ads.

"These programs use online and device identifiers known as ‘Unique Identifier Header.’ We will use these identifiers to help make our advertising programs better by, for example: linking advertising program information between Verizon and AOLs; connecting web and app browsing activity; and helping to distinguish the user's various devices," explains Verizon on its site.

Not only does this tracking method require users to opt out if they want no part of it, but it also sends information unencrypted, meaning that it can be easily intercepted by outside sources.

Verizon, which bought AOL earlier this year, claimed it will share the identifier with “a very limited number of other partners and they will only be able to use it for Verizon and AOL purposes,” said Karen Zacharia, chief privacy officer at Verizon.

Users are able opt out of Verizon’s Unique Identifier Header system, which is enabled by default, by logging into their accounts or contacting the company directly. Verizon warned users that clearing cookies or browsing histories on their devices is not an effective way to remove themselves from the advertising programs.

Permalink to story.



I don't think so! how do I disable this "feature"? If I can't looks like I won't be using my phone for any browsing.


Posts: 8,645   +3,288
I don't think so! how do I disable this "feature"? If I can't looks like I won't be using my phone for any browsing.
I use Vodafone which is Verizon by another name, I wonder if they pull the same stunts... Anyway I'm not overly concerned, I very seldom use my phone to browse the web and when I have I'm very fastidious about cleaning browsing data and cookies. I tend to do the same with my desktop, I run ccleaner every evening to sign out of everything and clear cache junk, I also delete browsing history on Google. Not that I'm paranoid or trying to hide anything, it's just habit. I'm a bad sufferer of OCD and it spills over to just about everything I do.


Posts: 1,004   +473
If I remember the articles that came out when the Verizon data gathering was revealed it's not really something you can disable.


Posts: 10   +8
I don't think so! how do I disable this "feature"? If I can't looks like I won't be using my phone for any browsing.
Verizon routinely shares user info with other companies, and not just browsing preferences, but the apps you install, the locations you visit (when GPS is active), et. al. You can "opt out" of some of these (the ones we know about) using their mobile app: Verizon Mobile -> Profile -> Manage Privacy Settings. Also check out their "Verizon Selects Preferences" settings.


Posts: 14,111   +1,847
Protecting yourself

Although this issue has been known for some time it's not clear if any sites are actually using this weakness to track users. Regardless, you can protect yourself on Chrome by erasing your cookies before going into incognito mode. Chrome automatically flushes the HSTS database whenever you delete your cookies. Firefox does something similar, but Greenhalgh says the latest version of Firefox solved this issue by preventing HSTS settings from carrying over to private browsing modes.

Safari is a bigger problem, however, as there is apparently no obvious way to delete the HSTS database on Apple devices like the iPad or iPhone, Greenhalgh says. HSTS flags are also synced with iCloud, making HSTS Super Cookie tracking even more persistent (at least in theory) when using Apple hardware.

HSTS Super Cookies only appear to work if you first visit a site in a non-private mode. Anyone visiting a site for the first time in private mode will not carry over an HSTS super cookie to their regular browsing.
Original Source Article is