EU warns of privacy threats from new kinds of cookies
“These privacy-invasive marketing practices need greater scrutiny,” says the European Network and Information Security Agency (Enisa) in a policy paper entitled ‘Bittersweet cookies’.
The possibilities for misusing cookies “are very real and are being exploited”, Enisa warns, and the privacy implications of new types of cookies such as Flash cookies are “not easily quantifiable”.
Cookies are tiny text files that websites can place on an internet user’s computer, in order to recognise them and record information about them. They can be used to help a site provide tailored content and to save the user from having to repeatedly log in, but also to track behaviour and to deliver targeted advertising based on a user’s profile.
Standard cookies can be controlled using the settings in internet browsers, and many users now alter their internet settings or regularly clear cookies to prevent anyone from tracking their activity online.
But Enisa warns that “new and more persistent types of cookies”, whose development has been driven by the online ad industry, can get round this, taking control out of users’ hands. These include Flash cookies, which run in Adobe’s Flash plug-in, meaning they can’t be controlled directly through a browser. Users are not informed when such cookies are created, and they never expire. Flash cookies, Enisa’s report says, “are extensively used by popular sites, often to circumvent users’ HTTP cookie policies and privacy preferences.”
Even traditional cookies are usually difficult to manage, Enisa said, and the legal framework on how they should be used is not always respected. There is often no real choice for users on whether to accept cookies, because many online services can only be accessed if they are accepted.
Member states of the European Union are in the process of incorporating a new data protection directive into national law, and Enisa is calling for a review once that process is complete to make sure that users have real choice about cookie use. It also called for developers of browsers and internet apps to do more.

We hope you enjoyed this article.
Research Live is published by MRS.
The Market Research Society (MRS) exists to promote and protect the research sector, showcasing how research delivers impact for businesses and government.
Members of MRS enjoy many benefits including tailoured policy guidance, discounts on training and conferences, and access to member-only content.
For example, there's an archive of winning case studies from over a decade of MRS Awards.
Find out more about the benefits of joining MRS here.
2 Comments
Scott
14 years ago
For people who read this and are concerned about their privacy, there's a browser add-on for FF and IE that blocks these "new and more persistent types of cookies." It's called PrivacySuite: http://www.abine.com/apps.php
Like Reply Report
Veerle_VH
14 years ago
Indeed, not to worry, there are many add-ons that allow internet users to manage their privacy settings. But let's not forget that most cookies are actually useful. It's just how they are used that should be regulated.
Like Reply Report