O2 sending mobile numbers to websites when browsing the web?

WP Central

O2 has come under fire as reports are coming through of the network sharing mobile numbers with websites when browsing the web via 3G. Whenever you connect to a website from a mobile device you provide information detailing what model the phone is as well as the web browser. This data enables that website to be displayed more effectively for your handset (taking into account different screen resolutions as an example).

It seems O2 is going one step further by providing actual phone numbers in with this data, which would unacceptable as malicious websites could use this information to contact the user, and it would be a breach of the Data Protection Act. Check out the below capture of an O2 number being sent with the header data.

O2 Web Numbers

Twitter user @lewispeckover has set up a webpage (seen above) that displays HTTP header information sent by the connecting device, so you can check for yourself whether your carrier is sending your number to every website you visit. Scary stuff. We checked on Three UK and everything seems normal. Let us know in the comments or in the WPCentral Forum's discussion if you try out the script (your number will be displayed after "x-up-calling-line-id" if it's being sent) and can see your number displayed.

Data Protection Watchdog has since issued a statement on the situation:

"When people visit a website via their mobile phone they would not expect their number to be made available to that website. We will now speak to O2 to remind them of their data breach notification obligations, and to better understand what has happened, before we decide how to proceed."

Source: Sky News, via: WPCentral Forum, Android Central


Reader comments

O2 sending mobile numbers to websites when browsing the web?


Really? According to O2 they're still looking into it, and the commissioner's office is still going to report on the findings. It's good to have this information up so consumers are aware of the breach nonetheless.

O2 only fixed the problem this afternoon (UK time) and only when everyone knew about it. If websites don't publish the information O2 sure as hell aren't as there still isn't anything obvious on their homepage to reassure their customers.

I saw this on Twitter by a Guardian writer but I checked it earlier both on my Edge and HDSPA and it wasn't displaying my phone number. I'm on 02 with a HD7

This is just another reason why we need VPN capabilities built into the phone. The main reason would be increase security when using WiFi hotspots while out and about