SUBSCRIBE
SUBSCRIBE
EXPLORE +
  • About infoDOCKET
  • Academic Libraries on LJ
  • Research on LJ
  • News on LJ
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Libraries
    • Academic Libraries
    • Government Libraries
    • National Libraries
    • Public Libraries
  • Companies (Publishers/Vendors)
    • EBSCO
    • Elsevier
    • Ex Libris
    • Frontiers
    • Gale
    • PLOS
    • Scholastic
  • New Resources
    • Dashboards
    • Data Files
    • Digital Collections
    • Digital Preservation
    • Interactive Tools
    • Maps
    • Other
    • Podcasts
    • Productivity
  • New Research
    • Conference Presentations
    • Journal Articles
    • Lecture
    • New Issue
    • Reports
  • Topics
    • Archives & Special Collections
    • Associations & Organizations
    • Awards
    • Funding
    • Interviews
    • Jobs
    • Management & Leadership
    • News
    • Patrons & Users
    • Preservation
    • Profiles
    • Publishing
    • Roundup
    • Scholarly Communications
      • Open Access

November 5, 2014 by Gary Price

Privacy: It’s Time for the Library Community To Speak Up About Verizon and AT&T Use of X-UIDH Header to Track Wireless Web Users

November 5, 2014 by Gary Price

UPDATE November 14: AT&T Stops Using Undeletable Phone Tracking IDs But Verizon Continues Usage
About a week ago we learned from a report by Wired’s Robert McMillan that Verizon was adding a Unique Identifier Header (UIDH) that’s often referred to as a permacookie to web traffic that moves across their network.
Since this report broke it has been reported that AT&T is also doing the same thing. As an AT&T customer I can confirm I can see the header being added to my web traffic. Links for you to check your traffic are found below.
Each permacookie is unique to the device being used and clearing cookies makes little difference. It is not possible to turn the UIDH off.
From the Wired Article:

Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.

In the past few days, the Electronic Frontier Foundation (EFF) has also published a blog post on the use of this header.
From the Post:

It allows third-party advertisers and websites to assemble a deep, permanent profile of visitors’ web browsing habits without their consent.
[Clip]
The X-UIDH header effectively reinvents the cookie, but does so in a way that is shockingly insecure and dangerous to your privacy. Worse still, Verizon doesn’t let users turn off this “feature.” In fact, it functions even if you use a private browsing mode or clear your cookies.

The 1660 word post goes on to provide details about this header works including:

Unlike a cookie, the header is tied to a data plan, so anyone who browses the web through a hotspot, or shares a computer that uses cellular data, gets the same X-UIDH header as everyone else using that hotspot or computer. That means advertisers may build a profile that reveals private browsing activity to coworkers, friends, or family through targeted advertising.

What About Your Smartphone or Wireless Device

We encourage you to read the complete blog post and also utilize one or both of the following web sites to see if your wireless traffic has the header assigned to it.
With wi-fi turned off on a device utilizing the Verizon or AT&T networks visit LessonsLearned.org/sniff and/or AmIBeingTracked.com and make sure to read the caveats and info provided.

Solutions?

1. Have the wireless providers stop using them.
2. If that doesn’t happen and as the articles point out the use of a VPN (Virtual Private Network, from provider you trust) will stop the header from appearing in your web traffic that flows through Verizon and AT&T. There are thousands of VPN providers to try. I have used several VPN services and currently use AirVPN. I have also been impressed with what Zenmate.io is up to. Again, there are many services to select from. Using a VPN that you can control adds more encryption to all of your web traffic (independent of source) and can offer other benefits.

Now What?

1. Individually, let the FCC and FTC now that these headers are a bad idea.
2. As a Professional Community:
Professional organizations should speak up and force Verizon, AT&T and likely others to explain what’s going on.
As we’ve written many times on infoDOCKET user privacy is consistent with what we are taught and what we do. It’s something the library community has spent many years working very hard towards and earning the trust of library users along the way. It’s not the time to give up as we continue to move into the digital age.
Additionally, even if tracking and other digital privacy issues are NOT a cause of concern for you as an Internet user don’t forget that others may feel differently. Everyone has a different comfort level when it comes to privacy and as a community we need to work towards supporting those who have concerns. The library should play a role as the “go to” resource in a community for those interested in learning about online privacy and security.
Bottom Line: Awareness of issue(s), educating ourselves and our users, discussion, and if needed, working together to make changes.

Additional Reading

  • ProPublica: Somebody’s Already Using Verizon’s ID to Track Users
  • Forbes: The Privacy Lowdown On Verizon and AT&T’s Smartphone ‘Permacookies’

Filed under: Associations and Organizations, Data Files, Libraries, News, Patrons and Users

SHARE:

About Gary Price

Gary Price (gprice@gmail.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com. Gary is also the co-founder of infoDJ an innovation research consultancy supporting corporate product and business model teams with just-in-time fact and insight finding.

ADVERTISEMENT

Archives

Job Zone

ADVERTISEMENT

Related Infodocket Posts

Ithaka S+R Releases "A*CENSUS II: Archives Administrators Survey" Findings

From an Ithaka S+R Blog Post by the Report’s Author, Makala Skinner:  On Tuesday, January 31, we published the A*CENSUS II Archives Administrators Survey findings. The Archives Administrator Survey Report is ...

“Food is a Right: Libraries and Food Justice" (A New White Paper From the Urban Libraries Council)

From the Urban Libraries Council (ULC): The Urban Libraries Council (ULC) announces today the release of its latest white paper, “Food is a Right: Libraries and Food Justice,” which addresses ...

Standards: W3C Re-Launched as a Public-Interest Non-Profit Organization; eLife’s New Model: Open for Submissions; & More News Headlines

Annual Report 2022: Highlights from the Data Curation Network arXiv Announces New Policy on ChatGPT and Similar Tools (via arXiv Blog) COPE in 2023 (via Committee on Publication Ethics) eLife’s ...

Journal Article: "A Free Toolkit to Foster Open Access Agreements"

The article linked to below was today published by Insights. Title A Free Toolkit to Foster Open Access Agreements Authors Alicia Wise Information Power Lorraine Estelle Information Power Source Insights 36 ...

Six Libraries Partner With GPO To Preserve Government Information

From the Government Publishing Office (GPO): Libraries at the University of Montana, the University of Memphis, and the University of Tennessee, Knoxville have signed Memorandum of Agreements with the U.S. ...

Michigan: Grand Rapids Public Library Finds Rare Set of 'Magic Lantern' Slides Showing Early Tuskegee Institute

From Fox 17 (Grand Rapids): The folks over at the Grand Rapids Public Library made a fascinating discovery while digging through their massive archives back in March 2021, and are ...

Journal Article: "Knowledge Work in Platform Fact-Checking Partnerships"

The article linked below was recently published by the International Journal of Communication. Title Knowledge Work in Platform Fact-Checking Partnerships Authors Valérie Bélair-Gagnon University of Minnesota-Twin Cities, USA Rebekah Larsen ...

State Library Looks to Install Book Vending Machines Around North Dakota; A Guide to Communicating With Others: Messaging...

A Guide to Communicating With Others: Messaging Apps (via Privacy International) De Gruyter Acquires Mercury Learning and Information Report by the French Committee for Open Science Working Group on Electronic ...

Just Released: Calculators Now Emulated at The Internet Archive (The Calculator Drawer)

From an Internet Archive Blog Post by Jason Scott: It’s time to add another family of emulated older technology to the Internet Archive. The vast majority of platforms within what ...

Journal Article: "Crossref as a Bibliographic Discovery Tool in the Arts and Humanities"

The article linked below was recently published by Quantitative Science Studies. Title Crossref as a Bibliographic Discovery Tool in the Arts and Humanities Authors Ángel Borrego Universitat de Barcelona, Melcior ...

Montana: ImagineIF Trustees Hold Special Meeting on Library Security Concerns; Pennsylvania: Philly’s Free Library is Making Space for...

Colorado: Suspensions Increase at Pikes Peak Library District Under New Security Protocols (via The Gazette) Montana: ImagineIF Trustees Hold Special Meeting on Library Security Concerns (via Daily Inter Mountain) North ...

Not Real News: An Associated Press Roundup of Untrue Stories Shared Widely on Social Media This Week

From the Associated Press: A roundup of some of the most popular but completely untrue stories and visuals of the week. None of these are legit, even though they were ...

ADVERTISEMENT

FOLLOW US ON TWITTER

Tweets by infoDOCKET

ADVERTISEMENT

This coverage is free for all visitors. Your support makes this possible.

This coverage is free for all visitors. Your support makes this possible.

Primary Sidebar

  • News
  • Reviews+
  • Technology
  • Programs+
  • Design
  • Leadership
  • People
  • COVID-19
  • Advocacy
  • Opinion
  • INFOdocket
  • Job Zone

Reviews+

  • Booklists
  • Prepub Alert
  • Book Pulse
  • Media
  • Readers' Advisory
  • Self-Published Books
  • Review Submissions
  • Review for LJ

Awards

  • Library of the Year
  • Librarian of the Year
  • Movers & Shakers 2022
  • Paralibrarian of the Year
  • Best Small Library
  • Marketer of the Year
  • All Awards Guidelines
  • Community Impact Prize

Resources

  • LJ Index/Star Libraries
  • Research
  • White Papers / Case Studies

Events & PD

  • Online Courses
  • In-Person Events
  • Virtual Events
  • Webcasts
  • About Us
  • Contact Us
  • Advertise
  • Subscribe
  • Media Inquiries
  • Newsletter Sign Up
  • Submit Features/News
  • Data Privacy
  • Terms of Use
  • Terms of Sale
  • FAQs
  • Careers at MSI


© 2023 Library Journal. All rights reserved.


© 2022 Library Journal. All rights reserved.