Telkom, Indonesia’s largest teleco company, hasn’t enjoyed the greatest reputation over the years, but they’re not bad at what they do as an ISP with their Speedy service. On the other hand, their sister company Telkomsel, which serves the mobile industry, has been injecting ads into users browsing over 3G for a while now.
Looks like Telkom didn’t want to miss out on the extra cash.
So yes, Telkom Speedy is now injecting ads into websites you visit — even if you’re a paying customer.
I first learned about this on this very blog - a conspicuous gap at the bottom, after my footer, appeared:
I panicked for a second, worried my host got compromised. Right before I speed-dialed their support line, I used Chrome’s devtools to check out what was going on…
A website called u-ad.info was injecting Google Analytics (holy shit, what?) and other reporting information. Aaaand, who owns this site?
Yeah, Telkom. Now, to be clear, it turns out that Telkom does mention the right to ad injection in their user agreement (hat-tip to Arief Wahyudi). That in itself is pretty terrible, but then you see this on the u-ad.info site:
That’s the bit where they say they’ll store your browsing and location history for targeted advertistments. If ads don’t scare you, this should. Web analytics alone are worrying, but coupled with the fact that Telkom as a company has all your personal data as well, this is probably an outright intrusion of personal privacy — and Indonesians are poorly educated on the subject. There are various ways to get around this by blocking the u-ad.info domain or by VPS, but I haven’t been able to find a way to opt-out of tracking, including a quick call I had with their customer support.
Yeah, that’s it, I’m switching ISPs.