At least nine telecommunication companies around the world use so-called super cookies to secretly monitor their customers' online behavior, according to a new study.
Super cookies impose a unique token for each subscriber being injected into each HTTP request that is made over a mobile telephony network of a telecommunications company.
Can not be removed by the user: Allows ad networks and media publishers to track users across the Internet even if they clear their cookies.
Super Cookies allow networks to create profiles that include user habits, so they can serve targeted ads while phone companies receive their rates.
After a six-month investigation by the digital rights team has shown that overseas telephone companies use super-cookie techniques.
The activist group Access has even set up a website called Amibeingtracked.com, tracking visits from 180.000 internet users. The team found that 15,3% of visitors had tracking installed headers on their mobiles from sales companies in Canada, China, India, Mexico, Morocco, Netherlands, Peru, Spain, USA, and Venezuela.
Verizon, AT&T, Bell Canada, Bharti Airtel, Cricket, Telefonica de España, Viettel Peru Sac, Vodafone NL, and Vodafone Spain all used Super Cookies technology.
The samples collected from the site showed a large degree of variation for which ones data συλλέγονται και μεταφέρονται με τη χρήση της τεχνικής. Μερικές τηλεφωνικές εταιρείες κρυπτογραφούν τις information header, but some still send the data in plain text. In some cases, the user's phone number is even included.
"Not all organizations monitor their users, and those who respect privacy deserve our support," the study said.PDF].
The only way to stop this data leak is to limit your internet browsing to only websites that use HTTPS which is currently impossible.