An academic study has found that over half of the top 100 websites are retaining user information through Flash cookies without permission.

The study, by researchers at the University of California in Berkeley, will be of particular concern to those who try to delete cookies as a means of keeping their internet browsing patterns private. Flash cookies differ from the HTTP cookies which users are able to delete on request, in that they remain largely undetected by privacy settings on software such as Internet Explorer and Firefox.

Flash cookies, many of which are capable of tracking user activity, originate from coding contained in Adobe's Flash media player. In several cases where researchers attempted to delete or block HTTP cookies on Flash-enabled sites, the Flash cookies continued to trace user data and even "re-spawned" the deleted information upon the next visit to the site. Only four of the 100 sites mentioned the use of the Flash technology for tracking purposes in their privacy policy.

The researchers concluded that only a "sophisticated" user with knowledge of the different storage settings for Flash cookies would even be aware of them and be able to manage them. This means that many individuals will be having their privacy breached without their knowledge every time they visit a webpage.

Any company which is utilising Flash cookies to store user data is potentially in breach of European data protection laws, and care should be taken to mention this process when drafting your website privacy policy.

To get rid of flash cookies and stop more appearing instructions are available at http://epic.org/privacy/cookies/flash.html.