The US carrier Verizon appears to be gathering personal data on its clients and selling it to advertisers. Wired and Forbes have claimed that the two largest mobile phone carriers in the United States, Verizon and AT&T, are adding the tracking number to their subscribers' Internet activity, even when users opt out
Howver the data can be used by any site to build a dossier about a person's behaviour on mobile devices including which apps they use, what sites they visit and for how long. MoPub, acquired by Twitter in 2013, bills itself as the "world's largest mobile ad exchange." It uses Verizon's tag to track and target mobile users for ads, according to instructions for software developers posted on its website. AT&T insists its actions are part of a test. Verizon says it does not sell information about the demographics of people who have opted out.
However it appears Verizon is service, called Precision Market Insights, has become popular among ad tracking companies that specialise in building profiles' of user behaviour and creating customised ads for those users. Companies that buy the Verizon service can ask Verizon for additional information about the people whose unique identifiers they observe. An executive from an ad tracking company Run told an industry trade publication that his outfit was excited about how carrier level ID, lets him track with certainty when a user, who is connected to a given carrier, moves from an app to a mobile Web landing page.
In addition, in a promotional video for Verizon's service, ad executive Chris Smith at Turn, touted "the accuracy of the data," that the company receives from Verizon. Advertisers who don't pay Verizon for additional information still receive the identifier only Verizon changes the identifier to make sure that an outsider can’t build a profile. Vodafone, a British telecom, admitted it inserts a similar identifier into some mobile traffic but it was not by default and the outfit did not routinely share information with the websites our customers visit.
ProPublica found a handful of Vodafone identifiers in its logs of website visitors and more than two thirds of AT&T and Verizon visitors to ProPublica's website contained mobile identifiers.
There seems to be no way to opt out either. Google has proposed a new Internet protocol called SPDY that would prevent these types of header injections. Of course, the US telecom companies are lobbying against it and this probably explains why.