O2 is facing a privacy backlash from users after reports emerged that the company was sharing subscribers’ mobile numbers to websites they visit over a 3G connection.
The info leak was highlighted yesterday by O2 customer Lewis Peckover, who set up a web tool that displays all the HTTP header information sent to sites by connecting web browsers.
Peckover posted details of how he spotted mobile phone number details when visitors went to his website from their handsets.
These strings of data include details such as the URL of the page requested, and the web browser and operating system versions used by the person visiting the site.
It is logical to conclude that this same information is sent to all other websites too, Peckover said.
“O2 seems to be transparently proxying HTTP traffic and inserting this header,” he said. “If you’re on O2’s UK mobile network (not ADSL), you’ll (probably) see a line beginning with x-up-calling-line-id – followed by your mobile phone number in plain text. It is logical to conclude that this same information is sent to all other websites too,” he added.
O2 said it was still looking into the claims.