Quantcast fixes cookie resurrection loophole
The discovery, by researchers at the University of California, Berkeley, raised concerns that “privacy-sensitive consumers who ‘toss’ their cookies to prevent tracking or remain anonymous are still being uniquely identified online”.
Researchers discovered the re-spawning behaviour in instances where two different types of cookies were in use, HTTP and Flash cookies.
HTTP is the more common type of cookie and is easily deleted by users. Flash cookies, on the other hand, are stored in a different location within a computer and are designed to be used by multiple browsers.
As such, the researchers said, “Erasing HTTP cookies, clearing history, erasing the cache, or choosing a ‘delete private data’ option within the browser does not affect Flash cookies.”
This alone “creates an area for uncertainty for user privacy control”, the researchers said. But more troubling was when they witnessed deleted HTTP cookies being rewritten in instances where their Flash counterparts had the same stored values.
Quantcast cookies were among those being re-spawned. The company uses Flash cookies to measure audiences for videos, widgets, music and other Flash content hosted on websites.
In a blog post following publication of the Berkeley paper, the company said: “As we’ve introduced new capabilities such as Flash measurement we’ve attempted to keep our measurement processes synchronised and as accurate as possible.
“One side effect of this synchronisation is that a deleted browser cookie could be set to match the [Flash cookie], resulting in the reinstatement of a previously deleted cookie value.”
Quantcast said it took immediate steps to “remedy the behaviour” and has confirmed with the Berkeley researchers that the restoration behaviour no longer occurs.
Meawhile, the study’s authors have called for a wider debate on the subject of Flash cookies and have urged websites to be more transparent about their use of the tags, how they are employed and how web users can exert more control over their use.

We hope you enjoyed this article.
Research Live is published by MRS.
The Market Research Society (MRS) exists to promote and protect the research sector, showcasing how research delivers impact for businesses and government.
Members of MRS enjoy many benefits including tailoured policy guidance, discounts on training and conferences, and access to member-only content.
For example, there's an archive of winning case studies from over a decade of MRS Awards.
Find out more about the benefits of joining MRS here.
0 Comments