Verizon Makes Mobile Privacy an Option

| News

Verizon Wireless made some changes this week to it’s privacy policy that may be of interest to its customers. Unless you opt-out, it will begin using information about what websites you visit, what apps and features you use, and where you’ve been when using devices on their network.

Mobile Privacy

In a notice available on the Verizon website, the company outlined two new uses of customers’ information. The first use will be in marketing and other business reports. The second use will be to provide information that is more relevant to individual customers. Verizon stated that these new uses “will not share any information that identifies you personally.”

These new uses will include the following types of information:

Mobile Usage Information:

  • Addresses of websites you visit when using our wireless service. These data strings (or URLs) may include search terms you have used
  • Location of your device (“Location Information”)
  • App and device feature usage

Consumer Information:

  • Information about your use of Verizon products and services (such as data and calling features, device type, and amount of use)
  • Demographic and interest categories provided to us by other companies, such as gender, age range, sports fan, frequent diner, or pet owner (“Demographics”)

This information will be used by Verizon to generate reports that indicate how many people of a particular demographic took part in a given activity (e.g., in a particular state, 50,000 mobile phones visited XYZ website). The information will also be shared with other companies to allow them to generate their own reports.

The other new use of this information is to target ads to your location, demographics, and preferences. Advertisers will be able to focus their efforts on customers in their markets. And customers will have fewer ads not relevant to them. Again, information that identifies you personally with not be shared.

This is similar to what Google and Apple both do with user location data on Android and iOS devices, though both firms have made doing so an opt-in process, rather than opt-out. Both companies have also been hauled in front of Congress, too, as legislators began investigating whether or not user privacy was being violated.

This policy is an opt-out policy. Unless customers request it, they will participate in providing information for these purposes. However, it’s a fairly simple process to opt-out if this is something you would rather not do. You can go to the company’s website www.vzw.com/myprivacy and make your wishes known there, or you can call 866-211-0874. Shared plans will be able to adjust this preference on a line-by-line basis.

No date was listed indicating when these changes would go into effect, which means they probably already have.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

archimedes

Exactly how is this information collected on the iPhone?

For example, does the iPhone log and report to Verizon the iPhone apps (e.g. Angry Birds) and device features (e.g. camera, GPS) you’ve used?

Does Safari report the full URLs sent to an encrypted web site such as Facebook, Gmail, or even https://google.com, to Verizon?

How did Verizon convince Apple to add these new tracking features to the iPhone?

intermedian

Apple didn’t need to add any ‘tracking features’ to allow Verizon to collect this data.

Verizon already knows the full web address of every request made on its mobile networks.  It also knows which device is making the request, regardless of whether it is an iPhone, Android phone or even a non-smartphone.

With those two pieces of information, they can conduct the tracking data mentioned in the article.  If you opt out, they will still have access to the information, they just won’t use it in their reports.

archimedes

Verizon already knows the full web address of every request made on its mobile networks.

That’s not how HTTP works. The only part of the URL that Verizon “sees” is the DNS request to Verizon’s DNS server, requesting the IP address for the web server’s domain name. For example, if you go to http://google.com/whatever, the iPhone does a DNS lookup on google.com, NOT including the “whatever” part. The “whatever” part is only included in the HTTP GET request. If you go to https://google.com/whatever, then the GET request is encrypted, which would make it difficult for Verizon to get the complete URL without breaking the encryption or, say, hacking a certificate authority to issue bogus certificates for google.com.

So I repeat my question: how exactly does Verizon determine the complete URLs of sites (particularly https sites like Facebook and Gmail) that you visit with your iPhone?

And how does it get the other information I mentioned, such as use of iPhone features (e.g. camera) and a log of iPhone app usage?

Fred

Archimedes,

They use Deep Packet Inspection (DPI) to look at the URLs and any other information you are sending unencrypted.

App usage tracking is probably restricted to Verizon Android phones (where they control the software installed on the phone).

Log-in to comment