Wireless carriers worldwide are still tracking users via "supercookies" or "perma-cookies," yet Americans are tracked by U.S. wireless carriers more than any other carrier in any other country.

Injecting tracking headers out of the control of users, without their informed consent, may abuse the privileged position that telcos occupy. Those tracking headers leak private information about users and make them vulnerable to criminal attacks or even government surveillance. It came to light in 2014 that Verizon Wireless and AT&T were injecting special tracking headers, aka "supercookies," to secretly monitor users' web browsing habits.

An online advertising clearinghouse relied on by Google, Yahoo and Facebook is using controversial cookies that come back from the dead to track the web surfing of Verizon customers.

The company is taking advantage of a hidden un-deletable number that Verizon uses to monitor customers’ habits on their smartphones and tablets. It uses the Verizon number to re-spawn tracking cookies that users have deleted.The company’s zombie cookie comes amid a controversy about a new form of tracking the telecom industry has deployed to shadow mobile phone users.

AT&T says it has stopped using a controversial mobile technology that could be misused by advertising networks to track online users regardless of their wishes. Until last week, the company had been inserting a unique identifier in web traffic sent by phones and other devices on its wireless network.

It was doing this as part of a test program, which has now been stopped. Privacy advocates hate these unique identifiers, because there’s no way to turn them off. That means that they can be used by advertising networks to circumvent privacy tools such as do-not-track lists or private browsing settings.