Verizon is either very dumb or they think you are

[as always, my personal technical opinions here]

Verizon Wireless sells out customers with creepy new tactic – latimes.com.

The LA Times author laments helplessly for most of the linked article. First, he claims Verizon is more evil than Google or Yahoo (who also effectively sell your data) because Verizon charges more up front. Well, I do agree companies that make money off our personal data should give us a cut or a discount, assuming we opt-in at all. It’s our data, right?

But the issue isn’t how badly Verizon is ripping us off relative to other companies. That’s a whole other box of lame.

Here the author gets closer:

Customers may be hard-pressed to understand fully what’s going on with the “enhanced” program. The Verizon Wireless notice is decidedly short on details.

Again, none of the companies listed in this post do a good job of “informed consent” IMO. If what Verizon is doing is not so bad, then people should be able to come to that conclusion given the honest facts, explained in terms they can understand, and then agree.

Were you aware of this? Probably not. Did you agree? Probably not.

But it gets better:

Debra Lewis, a Verizon Wireless spokeswoman, explained to me that when a customer registers on the company’s “My Verizon” website to see a bill or watch TV online, a “cookie,” or tracking software, is downloaded onto the customer’s home computer.

Most cookies are benign, allowing websites to provide better service to frequent visitors.

Verizon Wireless’ cookie allows a data-collection company working on Verizon’s behalf — Lewis declined to name which one — to gather information on which sites you visit after you leave “My Verizon.”

Hint: it could be any of these trackers, found by visiting the offending site with Ghostery installed.

  • Acxiom
  • Adobe Test & Target
  • Bazaarvoice
  • BlueKai
  • DoubleClick Floodlight
  • ForeSee
  • Gomez
  • Monetate
  • Omniture (Adobe Analytics)

You may want to install Ghostery and start blocking almost everything like this. These trackers do you no good, and you can put the few exceptions you need in the settings. You will be surprised to see how many tracking turds are quietly slipped into your pocket. The worst part is, if I go to Verizon’s site to find out how to opt out of this bullshit, I apparently get tracked for it…

Here’s the actual opt-out information, btw. FWIW, I collected the above list of trackers after ensuring I was opted out on the site. I guess they promise, on behalf of these random third party trackers, the data won’t be shared…

Sure.

But it gets even crazier:

That information is “anonymized,” Lewis said, to mask the Verizon customer’s identity and is then shared with marketers, which can use the info to provide ads on the customer’s Verizon Wireless device that match his or her home-computer interests.

What makes this all potentially class-action-worthy IMO (IANAL) is that Verizon claims that by simply replacing your name with a unique ID, the service is anonymous and therefore safe.

“In addition to the customer information that’s currently part of the program, we will soon use an anonymous, unique identifier we create when you register on our websites.”

Does anyone else remember when AOL put their carefully anonymized search logs out on the internet…

It took almost no time for someone to figure out a lot of who was who despite the obfuscation, because the same “anonymous” IDs were used for each search by the same person, over and over, and could therefore be accumulated and cross-referenced. Simple deduction, Watson.

How hard will it be for a 3rd party marketer, given a list of your most frequent locations and your “double secret anonymous” ID, to look up the address of said frequent locations, and a few ownership records of your most frequent location (where you spend roughly half your life) and forever associate your real name and secret ID?

When combined with other websites that you may sign into, how hard would it be to discover your other usernames, some already tied to your real name, and tie them all together into a single linked identity and activity file you never get to see?

Not at all. It’s already common.

There is an actual body of research behind anonymizing people and GPS coordinates that Verizon seems to be [negligently, IMO] ignoring. There are viable techniques to present targeted ads (based only on what Verizon knows about you) without leaking that data to any third party.

Any claims of effective anonymity after sharing this kind of data with third parties are IMO false and misleading. They’re counting on everyone being dumb. Don’t be.

 

Leave a Reply

Your email address will not be published. Required fields are marked *