‘Supercookies’ Have Privacy Experts Sounding the Alarm

Since the beginning of April, customers of some phone companies in Germany have had a slightly different browsing experience. They were part of a trial called TrustPid, where they didn't see ads through third-party tracking cookies.

TrustPid is a company that allows mobile carriers to generate pseudo-anonymous token based on a user's Internet Protocol address. Each user is assigned a different token for each website they visit, and these can be used to provide personalized product recommendations. Critics have raised hackles over the part that is privacy friendly.

According to the Internet Advertising Bureau, digital ads were worth $189 billion last year. The ad industry relies on intrusive monitoring of peoples online activities, including websites they visit, what they post, and more.

The company running the trial in Germany is using TrustPid to allow advertisers to gain value from customer insights while also keeping users' data private. Some people disagree. Internet privacy experts have labeled TrustPid a supercookie, a piece of technology that links a crumb of data to a user's IP address and mobile phone number. They are concerned about how network operators are co-opting what is meant to be a simple passage of communications data to transform it into a targeted advertising platform. WIRED did not get a response from the company. It's all a misunderstanding according to the company.

The TrustPid service is not a supercookie according to the senior manager of corporate communications at the company. The technology is based on digital token which does not contain any personally identifiable information. There is a limited lifespan of 90 days for each token.

The project isn't a supercookie because it doesn't use data interception to build up customer profiles, unlike the ad tech once used by the FCC. An investigation by Access Now found that carriers used supercookies in 10 different countries. The negative headlines are the reason whyVodafone is against the supercookie designation.

TrustPid, which has each partner website generate a different token for the same user, reduces the likelihood of user data being triangulated across websites to create extensive profiles of user interests. The technology has been built following a privacy-first design and complies with all the requirements of the European Union's General Data Protection Regulation.