The Federal Communications Commission will examine Verizon’s use of supercookies for potential privacy violations.
Verizon Wireless came under fire earlier this year from privacy advocates for using a tracking technology known as “supercookies” or “zombie cookies.” The technology -- which relies on injecting a unique code into a user's mobile traffic -- allows the company to track users' mobile Web browsing in order to serve them targeted ads. The injected code also enables Verizon and other companies to recreate information about people's Web activity, even if they delete their cookies.
Verizon said in January that it would change its practices and allow users to completely opt out of the mobile ad tracking scheme, but Sens. Ed Markey (D-Mass.), Richard Blumenthal (D-Conn.), and Bill Nelson (Fla.) weren’t satisfied and requested that the FCC look into the practice.
FCC chairman Tom Wheeler responded to the lawmakers in a letter dated March 23 that was released to the public on Thursday.
“We are looking specifically into carriers’ injection of header information and the collection and use of information about their subscribers’ Internet activity,” Wheeler wrote. “As you suggest, we will be considering the extent to which our rules and policies relating to consumer privacy, data security, and transparency may be implicated.”
As a common carrier, Verizon is subject to telecommunications rules that protect the privacy of customer proprietary network information, including call details, billing data, location information, and information on customers’ mobile devices.
“Our systems have been changed so that we automatically stop inserting the [identifier] for customers who opt out of our Relevant Mobile Advertising program or activate a line that is ineligible for our advertising programs,” Verizon Wireless said in a statement. “Verizon takes customer privacy seriously and it is a central consideration as we develop new products and services….we never share information with third parties that identifies our customers as part of our advertising programs.”
Lawmakers discovered Verizon’s supercookies following news reports in January that online ad company Turn was using the unique codes to track Verizon’s customers.
The FCC has made no secret of its intent to make consumer privacy a major priority. Under new enforcement chief Travis LeBlanc, the commission has already stepped up its enforcement in the area. This week, the agency brought its biggest data security case yet against AT&T, fining the wireless company $25 million over a consumer data breach that compromised the personal information of 280,000 customers.
AT&T ended its use of supercookies last November.