No Verizon tracking at

We’re pretty horrified by the recent revelation that Verizon is adding tracking codes to its customers’ web browsing.

Verizon claims that this code is in a database that doesn’t get shared, but that’s not good enough. As the article we linked to mentions, any site that can tie a user’s personal information to that tracking code can sell that information and a database can be constructed. At that point, any traffic from a phone, even if run in a private or incognito mode, can be tied to the phone’s owner by the site that’s being visited unless the site use the HTTPS protocol.

We strongly advise that sites disable this header on their systems. At we have set this Apache directive:

RequestHeader unset X_UIDH early
RequestHeader unset HTTP_X_UIDH early

This ensures that the tracking code will be removed before any of our scripts run, so we won’t be able to tie Verizon’s tracking to any of our visitors (even accidentally).

If you use Verizon, try to only connect to sites using the HTTPS protocol (secure web sites) or ones that are known to remove that tracker.

Tin can on a string

What Verizon users may have to do to in the future to communicate safely.