Published in Mobiles

Verizon gets fined for secretly tracking customers without opt-out

by on10 March 2016
Verizon gets fined for secretly tracking customers without opt-out


Violated FCC's Open Internet Transparency Rule

In 2014 and 2015, Verizon was found secretly inserting a small piece of web code into all mobile web traffic to track its customers for advertisement purposes. The so-called “supercookies” were unavoidable, with no way to opt-out, even if customers opted out of advertisements. As of this week, the wireless giant finally had the case settled in court at the tune of a rather small $1.35 million fine by the FCC.

The order, dated March 7, 2016, finds that Verizon Wireless began inserting Unique Identifier Headers (UIDH) – or “supercookies” – into consumers’ Internet traffic over its wireless network as early as December 2012, but did not disclose the practice until October 2014. Even so, it was not until March 2015 that Verizon updated its privacy policy to include information about supercookies. Nevertheless, the FCC found that at least one of the company’s advertising partners used them “for unauthorized purposes to circumvent consumers’ privacy choices by restoring deleted cookies.” On top of this, they were inserted into wireless lines that had no way of opting out from Verizon’s targeted advertisement programs – including enterprise lines, government lines, and Mobile Virtual Network Operator (MVNO) lines.

verizon supercookies diagram
How Supercookies work (via Forbes.com)

In November 2014, the FCC began investigating whether or not Verizon’s disclosure of supercookies was in compliance with the Open Internet Transparency Rule, specifically Section 222. According to the order, “The Transparency Rule” requires broadband internet access service (“BIAS”) providers, including wireless broadband providers, to disclose “accurate information” about their services in a matter that is “sufficient for consumers to make informed choices regarding such services.”

This isn’t the first time Verizon has come under fire for violations of customer privacy. In September 2014, the company was fined $7.4 million by the FCC because it had failed to send out notices to over 2 million customers allowing them to opt-out of having their information sold for marketing purposes. The company pledged at the time to adopt a 3-year compliance plan to inform customers of their privacy rights.

In addition to the new $1.35 million FCC fine on Monday, Verizon will also be obligated to adopt yet another 3-year compliance plan that notifies customers about targeted ad programs, obtains “opt-out” consent before sharing supercookie data with third parties, and creates an “opt-out” option for supercookies themselves.

“Over the past year, we have made several changes to our advertising programs that have provided consumers with even more options,” Richard Young, a Verizon spokesman, said on Monday. “Today’s settlement with the F.C.C. recognizes that.”

As the New York Times reports, FCC Chairman Tom Wheeler is expected to make a new proposal in the next week that may provide more wireless customer protection against these types of unconsented privacy violations.

“Consumers care about privacy and should have a say in how their personal information is used, especially when it comes to who knows what they’re doing online,” FCC Enforcement Bureau Chief Travis LeBlanc said in a statement. “Privacy and innovation are not incompatible. This agreement shows that companies can offer meaningful transparency and consumer choice while at the same time continuing to innovate.”

Last modified on 10 March 2016
Rate this item
(2 votes)
Tagged under
More in this category: « IDC says iPad fad fading LG G5 launches in the US in early April »
back to top

Most popular - Mobile

Latest comments

Read more about: