Most people probably don’t think about what happens to the data involved in an exchange between their mobile device and the carrier they’re requesting the data access from(in this case, Verizon Wireless-the ISP)but if you’re a subscriber on Verizon Wireless apparently your browsing is being tracked with something called a Unique Identifier Header,(being referred to as super cookies, or zombie cookies as they can reappear and persist through deletion)which Verizon can and apparently does send off to Advertising Exchanges by way of the destination or third party website, which in turn pays for Verizon to send targeted ads back to your smartphone. This sort of scenario perhaps wouldn’t seem so sneaky if the UIDH was removable but according to the source it is not, so opting out of having your browsing tracked and than injected with these unique identifier headers is something that is seemingly just not possible.
The main issue with the UIDH seems to focus on the fact that Verizon is the one injecting these temporary ID’s meaning they’re tracking your browsing through web based HTTP requests when you actually use the browser on your phone, and they can track your browsing through apps too. Presumably you could normally clear your cookies out and reset, but the way the unique identifiers work is that even after you clear out your cookies the advertisers can reconstruct your ID cookie with the header Verizon has provided. Jonathan Mayer who is a computer scientist points out that he was able to find one such company that was using the unique headers provided by Verizon to track customers and serve them up targeted ads, called Turn
Turn uses these unique ID headers to collect your data no matter if you’ve opted out by clearing your cookies or not, because the header itself allows them to re-identify you and link your browsing and cookie history before and after the deletion of cookies. In a time when people’s online privacy is something that seems to matter quite a bit to most, this is something that is a shady practice at best. That’s bad news. The worse news is that there really is no viable option for getting out of this type of data collection unless you either mask your browsing through a virtual private network, or switch carriers, both which might not be an option at all for some users either. You can find the full breakdown of all the technical information at Jonathan Mayer’s blog listed in the source if you want all the details.