State owned telecom operator BSNL has been injecting banner ads and other service related messages on web browsers within its broadband network. It has followed in the footsteps of the other state owned telecom operator: MTNL, which was found to be inserting code into what users were browsing in June last year. Ads are injected by BSNL, just as they were by MTNL, in the browser through a javascript code. BSNL appears to be pushing these ads via a private ad network named Abeer Media, according to users on github and broadband forum, although the company hasn't revealed this data in response to an RTI. Ads are visible across all websites, and we found them popping up while browsing TechCrunch, Naukri.com, MediaNama, The Indian Express,etc. Privacy Issue: An injected javascript code can also be modified to track and store user data as noted by Thejesh GN when Airtel was found to be injecting Javascript into its user’s browsing session without seeking user consent. At that time Airtel said: “This is a standard solution deployed by telcos globally to help their customers keep track of their data usage in terms of megabytes used." One user from broadband forum (link) has submitted a screenshot showing a Snapdeal pop-up ad: Another user claims to have traced the Snapdeal ad's IP address source to BSNL : We tried accessing multiple PCs with a BSNL broadband connection; the ads happen to appear on news sites regularly in three test PCs. At times, these ads are repetitive as it appeared multiple…
