Researcher catches AT&T injecting ads on free airport Wi-Fi hotspot

When computer scientist Jonathan Mayer was in Washington Dulles International Airport, he logged onto an AT&T Wi-Fi hotspot and soon noticed that websites were showing a lot more ads than usual. The website of Stanford University, where Mayer conducts security and privacy research, was showing ads for a jewelry store and AT&T. "Last I checked, Stanford doesn’t hawk fashion accessories or telecommunication service. And it definitely doesn’t run obnoxious ads that compel you to wait," Mayer said.

Ad-supported news sites like The Wall Street Journal had extra ads on top of them. Federal government websites were showing ads for both AT&T and other businesses. "Curious, and waiting on a delayed flight, I started poking through web source. It took little time to spot the culprit: AT&T’s Wi-Fi hotspot was tampering with HTTP traffic," Mayer wrote. The hotspot ads are similar to ones delivered by Comcast. It's also common for free Wi-Fi networks at airports to require users to watch an ad before logging on, but they don't necessarily show extra ads on top of websites after giving the user full access to the Web. AT&T could argue that injecting ads doesn't violate the ban on throttling since customers can still view the websites. The Federal Communications Commission's transparency rules require disclosure of privacy policies, and AT&T includes a privacy policy on its Wi-Fi terms of service, though it doesn't mention ad injection.