A class action complaint was recently filed against a major internet service provider alleging violations of the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, as well as violations of the Privacy Act of Massachusetts. When a consumer downloads a web page that contains video content designed to be displayed using Adobe’s Flash software, the Adobe Flash Player software installed on the consumer’s computer can be used to display that video content on a Web page. When a website incorporates content displayed using Flash technology, the site can store file called “local shared objects” (“LSOs”) on the computer of a consumer using Flash Player. According to the complaint, the ISP in question stores LSOs for a different purpose; they used LSOs as substitutes and backups for browser cookies to circumvent the browser controls that the plaintiff and class members had set to block or delete browser cookies, so the company could track and profile plaintiff and class members. According to the complaint, the company’s use of these LSOs, or “flash cookies,” were used to circumvent browser controls to track the plaintiff and class members, even though they had disabled cookies on their computer.
TIP: Advertisers may wish to disclose the use of LSOs or flash cookies in their privacy policies.