FTC Takes a Critical Eye to Adobe Flash Cookies

The U.S. Federal Trade Commission has started looking into how Adobe Flash stores cookies on user’s computers and has been questioning the company on why they don’t honor Web browser privacy controls, according to paidContent. Instead of complying with user preferences for standard Web browser cookies, Flash cookies are managed through the Adobe Web site via difficult to find Web pages.

“The issues have to do with uses of Flash for tracking, Flash cookies for example,” FTC chief technologist Ed Felten said. “As of today, when you use the privacy controls in your browser, they don’t directly affect the treatment of Flash local shared objects.”

Local shared objects is the term Adobe uses to identify Flash cookies, or the files Web sites store on your hard drive to perform tasks like tracking your browsing activity or remembering you login information.

For its part, Adobe representatives claim that local share objects weren’t intended to be used for tracking, and that it has “repeatedly stated publicly that we condemn such practices because they clearly circumvent the user’s expressed choice.”

One issue of concern is that managing Flash privacy settings isn’t intuitive because users must visit the Adobe Web site to make changes and delete unwanted cookies. In comparison, standard cookies can be managed and deleted in Web browsers.

Adobe representatives pointed out that browser-based Flash privacy management is available in Google’s Chrome. Other main stream browsers, such as Apple’s Safari and Microsoft’s Internet Explorer, however, can’t manage Flash privacy settings.

Mr. Felton added “There are some other issues with Flash, which I suppose we could address at another time.”

Interested in learning more about Flash privacy and security issues? Check out what TMO’s John Martellaro had to say on the topic.