Mobile Internet is still on the rise and used by hundreds of millions of people around the globe to access the Internet. Mobile advertising is on the rise as well and with it comes the desire to track users to improve its effectiveness.
One way of doing that is to use data provided by mobile carriers. Back in 2014 it became known that two large mobile carriers from the United States -- Verizon and AT&T -- were injecting special tracking headers to mobile connections of their customers which advertisers could use to track users across the Internet by identifying them using provided data about customers.
It is nearly impossible for customers to tell if headers are injected when they connect to services, websites or other Internet resources as this happens on the network level.
Carriers receive all requests that users make when connected to their network. Carriers who inject tracking headers add a unique identifier to the (HTTP) request automatically before the connection to the actual resource is completed. The resource can then use the unique identifier to track users across the Internet.
Even more problematic than that is that advertisers can pay to access data profiles of customers provided by the carrier.
The information can be used to change content on the page or redirect users to a different page altogether.
The research paper "The Rise of Mobile Tracking Headers: How Telcos Around the World Are Threatening Your Privacy" a0a7cea86cc5eee2d1_kjm6ig8y3.pdf by the Internet rights organization Access highlights that tracking started much earlier than 2014.
Am I Being Tracked is an online tool that Access' researchers created for the study to find out how widespread the injection of tracking headers really is.
Simply visit the website using your mobile device, turn off WiFi if it is turned on, and click on the test now button.
The service returns whether your mobile carrier is injecting headers to connections you make or not.
Here is how it works:
Key Findings of the study
Mobile users have several options to prevent this from happening. First, all connections to secure sites (HTTPS) are not modified by carriers. While that is helpful, it leaves all regular (HTTP) connections vulnerable.
The use of a virtual private network puts an end to tracking and is currently the best option to block mobile carriers from injecting tracking headers.
Last but not least, you may want to consider switching to a carrier that is not injecting headers.
Now You: Are you being tracked by your mobile carrier?
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.