American telecom network operator Verizon Wireless will be paying $1.35 million towards penalty as part of its settlement with FCC for using hidden tracking technology named supercookies for user-targeted advertising without the customers’ permission.
The so called ‘supercookies’ are unique, undeletable identifiers, commonly referred to as UIDH, can be inserted into the web traffic and used to identify customers in order to deliver targeted ads from Verizon and other third party partners of the company.
All telecom companies are bound to follow the Telecommunications Act and the FCC’s net neutrality rules which were passed in 2010, which not only require telecoms to treat all Web traffic equally, but also that the telecoms fully disclose all network management practices. The FCC revealed that it found that Verizon began using its consumer based supercookies in December 2012, and didn’t divulge the program details till October 2014, and hence violated the rules coming under the Open Internet Transparency Rule and the Section 222 of the Communications Act for nearly two years.
The 15-month long investigation of Verizon Wireless by the FCC’s Enforcement Bureau disclosed that even in the case of customers who regularly erased the cookies from their mobile browsers, the supercookies, or hidden code unique to each customer, were undeletable and functioned as a workaround to continue data collection.
Verizon Wireless was fined with an amount of $1.35 million and was told to adopt a three-year compliance plan, as a part of the settlement. Also, Verizon Wireless will be notifying its consumers about the targeted advertising programs, will obtain customers’ opt-in consent before sharing their UIDH with third party partners, and will obtain customers’ opt-in or opt-out consent before sharing their UIDH internally within the New York based company’s corporate family, as early as possible.
“Consumers care about privacy and should have a say in how their personal information is used, especially when it comes to who knows what they’re doing online,” said FCC Enforcement Bureau Chief Travis LeBlanc.
Though the penalty was small, the enforcement action displaying the FCC’s strategy to foray into privacy regulation has captured the attention of the telecom industry. The agency is also expected to consider first-time privacy rules for ISP’s that will make it mandatory for wireless and fixed broadband providers to get permission from users before they are subjected to online tracking.
Note that in June 2015, the FCC has also proposed a similar $100 million fine against AT&T Mobility for misleading its customers about the data speed limits on its so-called “unlimited” mobile data plans.
Tom Wheeler, the FCC chairman, is believed to circulate a proposal, this week, on privacy for the five-member agency to vote on at the end of this month.
The cellular carrier company has, in their defense, already altered some of its practices, over the past year, which were considered most invasive by the critics. The company said in an email statement that the FCC settlement portrays that it had already made adjustments to its ad programs that give consumers more choices.
“Over the past year, we have made several changes to our advertising programs that have provided consumers with even more options,” Richard Young, a Verizon spokesman, said. “Today’s settlement with the F.C.C. recognizes that,” Young added.
The opt-in consent for data sharing with third-party companies allows better control options for the consumer over online tracking by ad networks and data analytics firms. Also, this settlement has led to awareness on online privacy, leading to consumers implementing privacy measures such as deleting Web-browsing “cookies” and tiny files stored on their computers, which aid in tracking browser history. It also represents FCC’s interest to keep a check on consumer privacy.