Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday October 18 2017, @01:22AM   Printer-friendly
from the can-you-find-me-now? dept.

Submitted via IRC for TheMightyBuzzard

Last year, you might remember that Verizon was in the news for reaching an agreement with the FCC. The issue centered around the tracking of its customers without consent. In reality, carriers have been doing this for years, but privacy advocates like the Electronic Frontier Foundation asked Verizon and the FCC to put a stop to it. In the end, Verizon agreed to stop tracking customers unless they expressly agreed to opt-in to the program. The agreement between Verizon and the FCC was roundly seen as a win by privacy advocates and consumer rights groups.

Unfortunately, it looks like the practice is still in effect. Philip Neustrom, the co-founder of Shotwell Labs, recently found two demo websites that would return account details if visited from a mobile connection. By simply entering a zip code and clicking a button, the site would spit out the full name, current location, and more information.

It would appear that these sites are grabbing the information from the same process that Verizon got busted for. That program, the Unique Identifier Header, added information to HTTP requests from Verizon customers and then, for a fee, would let websites see the info. AT&T has a similar plan called the "Mobile Identity API".

You know what would fix this? A few more mergers.

Source: https://www.androidauthority.com/verizon-att-selling-information-807684/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by frojack on Wednesday October 18 2017, @03:01AM

    by frojack (1554) on Wednesday October 18 2017, @03:01AM (#583782) Journal

    AT&T describes their Mobile Identity API as follows:
    https://www.prnewswire.com/news-releases/att-helps-businesses-improve-mobile-transaction-security-with-new-mobile-identity-api-toolkit-236142081.html [prnewswire.com]

    Note that contrary to the title of this thread (which came from TFA), it says nothing about current location.
    It talks about name address phone number, which are all described as for the benefit of the subscriber who might be trying to buy a product on line.

    I would expect the vendor probably needs just about all that information for most/many sales, banking transactions, etc. You kind of expect to cough that up when you buy something.

    However no where does the AT&T page say who can/can not request(buy) this information. It mentions opt-in, but never explains how this is done, or undone.

    The page does not mention current location at all. So where did that title come from? (Speaking specifically about TFA here).

    --
    No, you are mistaken. I've always had this sig.
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3