Out-Law News | 19 Aug 2010 | 9:06 am | 1 min. read
The companies are being sued in a class action suit which claims that the technology is being used to track their web usage without proper notice and in a way that side-stepped the users' management of their online privacy.
Media playing software Flash, which was created by Adobe, also has some cookie-like functions that are less well known.
Researchers at the University of California, Berkeley reported last year that Flash cookies, also known as Locally Shared Objects (LSOs), can report what users are doing online even when they have disabled HTTP cookies.
"This means that privacy-sensitive consumers who 'toss' their HTTP cookies to prevent tracking or remain anonymous are still being uniquely identified online by advertising companies," said the researchers in a report on flash cookies. "Few websites disclose their use of Flash in privacy policies, and many companies using Flash are privacy certified by TRUSTe."
The lawsuit, filed in the US District Court for the Central District of California, said that Flash cookies are 'tracking codes' which are planted by Clearspring in co-operation with affiliate websites, such as those operated by Walt Disney Internet Group, Warner Bros and others.
The suit said that the Flash cookies allowed the companies to "track Plaintiffs and Class Members that visited non-Clearspring Flash Cookie Affiliates websites by having their online transmissions intercepted, without notice or consent".
"[The companies] perpetrated this exploit so they could obtain personal identifying information, monitor users, and to sell users' data," said the complaint.
The suit also claims that the Flash cookies can be used to 're-spawn' HTTP cookies, meaning that users who had deleted cookies in their browser would then find that their browsers were re-identifying them.
This capability was also pointed out in the University of California research paper.