The Federal Communications Commission (FCC) fined Verizon Wireless for violating its customers’ privacy, an increasingly hot topic for regulators.

Supercookies are “unique identifier headers” (UIDH) that Verizon inserted into web traffic to deliver targeted ads from the operator itself as well as third parties.

The FCC wants Verizon to notify consumers about its targeted advertising programmes, obtain their consent before sharing UIDH internally and with third parties as well as adopt a three-year compliance plan.

“This agreement shows that companies can offer meaningful transparency and consumer choice while at the same time continuing to innovate,” said FCC enforcement bureau chief Travis LeBlanc, adding that consumers care about privacy and should have a say in how their personal information is used.

The FCC launched the investigation back in December 2014 and found that the operator began inserting UIDH as early as December 2012, but failed to disclose this until October 2014.

The FCC stated that Section 222 of the Communications Act imposes a duty on carriers to protect their customers’ information while section 8.3 of the commission’s rules, known as the Open Internet Transparency Rule, requires every broadband internet access provider to disclose information regarding the network management practices, performance and commercial terms of its broadband services.

The settlement represents the second action based on the ‘Open Internet’ rule taken by the FCC: in June 2015, it proposed a $100 million fine against AT&T for misleading its subscribers about unlimited data plans.