Lawsuits target Quantcast, Clearspring over use of Flash cookies

Web audience researcher Quantcast and ad widget company Clearspring have been named – along with a number of their clients – in separate lawsuits that make similar claims: Flash cookies were used to restore deleted browser cookies to allow companies to continue to track online activity against users’ wishes.

Both complaints cite a paper published by UC Berkeley researchers, which identified the use of Flash local shared objects – colloquially referred to as ‘Flash cookies’ – to “re-spawn” previously deleted browser cookies.

Browser, or HTTP, cookies are the more common type of cookie and are easily deleted by users. Flash cookies, on the other hand, are stored in a different location within a computer and are designed to be used by multiple browsers.

As such, the researchers said, “Erasing HTTP cookies, clearing history, erasing the cache, or choosing a ‘delete private data’ option within the browser does not affect Flash cookies.”

Quantcast cookies were among those found to be respawning by the researchers, but following the publication of the paper Quantcast announced that it had taken steps to “remedy the behaviour” and confirmed with the Berkeley researchers that the restoration of deleted cookies no longer occurred.

Since then, Flash developer Adobe has publicly criticised the use of its technology for such purposes, while web analytics expert Eric Peterson sought to warn companies off Flash cookies as a tracking device. “We believe that companies making inappropriate or irresponsible use of the Flash technology are very likely asking for trouble,” he said.