Verizon's decision to insert a tracking header into mobile Web traffic is raising eyebrows on Capitol Hill, where some lawmakers are vowing an investigation.
“We certainly want to make sure that in this time of ubiquity of eyes prying all around in this electronic age that we are living, that we preserve the rights of privacy for all individuals,” Sen. Bill Nelson (D-Fla.) said Thursday afternoon in the Senate.
Verizon quietly started inserting headers, called UIDHs, into all unencrypted Web traffic in 2012. But the practice didn't draw much attention until last year, when privacy advocates raised concerns that ad networks could track people with the headers -- which can't be deleted by users.
Verizon said on its Web site that it wasn't likely that outside companies would use the headers for tracking because they change frequently.
But several weeks ago, Stanford's Jonathan Mayer published a report showing that the online ad company Turn drew on Verizon's header to send behaviorally targeted ads to people -- even when they attempted to avoid tracking by deleting their cookies.
Turn said that it would stop doing so shortly after that report was published.
For its part, Verizon recently told The New York Times that it's considering whether to let users opt out of having UIDH headers inserted in their traffic.
Meanwhile, Nelson says that he and other lawmakers -- Sens. Ed Markey (D-Mass.), Richard Blumenthal (D-Conn.) and Brian Schatz (D-Hawaii) -- will press Verizon to address the privacy concerns raised by Mayer's report. Among other issues, they intend to seek answers from Verizon about when it learned that Turn used the header for tracking purposes, and whether any other ad companies are doing the same.