“Verizon users might want to start looking for another provider. In an effort to better serve advertisers, Verizon Wireless has been silently modifying its users' web traffic on its network to inject a cookie-like tracker. This tracker, included in an HTTP header called X-UIDH, is sent to every unencrypted website a Verizon customer visits from a mobile device. It allows third-party advertisers and websites to assemble a deep, permanent profile of visitors' web browsing habits without their consent.
Indeed, while we're concerned about Verizon's own use of the header, we're even more worried about what it allows others to find out about Verizon users. The X-UIDH header effectively reinvents the cookie, but does so in a way that is shockingly insecure and dangerous to your privacy. Worse still, Verizon doesn't let users turn off this "feature." In fact, it functions even if you use a private browsing mode or clear your cookies. You can test whether the header is injected in your traffic by visiting lessonslearned.org/sniff or amibeingtracked.com over a cell data connection.” - EFF
I continue to be amazed by the evil little ways companies mine your data…this time? “Header enrichment”.
“Verizon tracks its mobile subscribers' web surfing by tagging their traffic at the carrier level with a number called a UIDH (Unique Identifier Header). Verizon uses the system for two of its targeted advertising programs.
The type of tracking, known as "header enrichment," is controversial. AT&T stopped using the method last year after running tests, ProPublica reported in November 2014.” – Computerworld
How is it done? Well, everytime a user navigates to a url (any url), code is injected in the browsing request.
Turn (and other online advertising companies) use cookies stored in the browser. So? you clear cookies, problem solved!
Nope:
“Turn, however, can re-create one of its deleted cookies by looking at Verizon's UIDH, a practice that critics say is invasive. It's called a "zombie" cookie.”- ibid
Want to negate the info collection? Here’s how (Mobile apps first, Desktop second):
Something else to consider: These Telcom companies have consumers over the barrel. Switching from one to another is no assurance you’ve solved the problem. It is also very disturbing to learn that while you might be a customer, you’re “Class B”, and there are other “Class A” customers who might not even use their communications services, but feed off your data over which you have no control.
A relatively cheap VPN should help turn the trick, however and if you do banking, etc. on your mobile device WITHOUT a VPN, your data being mined isn’t the worst of your problems.
To be honest, Verizon deserves to lose business and if its customers are roped into contracts, they’ll be smart and start using VPNs.
Sources:
http://www.computerworld.com/article/2871022/how-to-shield-yourself-from-verizons-mobile-tracking.html
https://www.eff.org/deeplinks/2015/01/which-apps-and-browsers-protect-you-against-verizon-and-turns-non-consensual
https://www.eff.org/deeplinks/2014/11/verizon-x-uidh