Sorry, class, you don't get any extra credit for predicting this one. After some heated responses from consumers following the reveal of a controversial "supercookie" web traffic monitoring system, Verizon Wireless has announced that it will allow its customers to opt out of the lucrative and potentially dangerous advertising practice. Verizon Wireless spokeswoman Debi Lewis told The New York Times, "We have begun working to expand the opt-out to include the identifier referred to as the UIDH, and expect that to be available soon."
The system isn't technically using a "cookie" in the conventional browsing sense; UIDH stands for "unique identification header," a customized version of a standard HTTP header, in this case tailored specifically for Verizon. At present every website visited while using Verizon's mobile network generates a UIDH documented by Verizon, which is then used on an advertising backend to allow the network to sell targeted advertising. In general practice that's not all that bad - if you're browsing Android Police while logged into Amazon or Google, you're probably seeing at least some form of targeted advertising right now. But placing that UIDH in an unencrypted HTTP header and building it so that it's associated with a single Verizon customer allows for some serious abuses, including potentially tracking a user's entire web history. And because all of this is handled by Verizon, which in this case is acting as an ISP, there's no way for an end user to delete the "supercookie."
In addition to cries of outrage from the Electronic Frontier Foundation and privacy advocates in general, four US Senators from the Committee on Commerce, Science, and Transportation sent a letter to Verizon's CEO complaining about the insecure practice.
Verizon has not given a date for when a user-accessible method for deleting the "supercookie" information and preventing further tracking will be available. If you're a Verizon Android user concerned about privacy, you have a few options in the meantime: browse on a Wi-Fi network, use a mobile VPN service, or enable Chrome for Android's "reduce data usage" setting.
Source: The New York Times