This month’s Epicenter blog on wired.com discusses Flash Cookies, an online tracking mechanism similar but far less known than the more commonly-recognized internet cookie. Both operate very similarly to store user data, but there are signifigant differences. Perhaps the biggest difference is storage capacity: HTML cookies can save up to 4 KB of data while Flash cookies can hold nearly 100 KB.
Oh, and there’s one more thing: when you choose to clear the cookies from your browser, you eliminate the HTML ones, but you don’t touch the flash cookies because they aren’t stored in your browser. Actually, they are part of the Adobe Flash Player and you can find them through the Settings Manager. Generally, they have an .sol extension.
Viewed positively, Flash cookies keep track of things like your volume settings for YouTube videos, high scores on flash games and user data for sites like Amazon.
Viewed suspiciously, they are shadowy spyware, implemented in a manner that runs counter to the transparency that characterizes the best web behavior. Some paranoid programming and tech savvy types conjecture that Adobe intentionally tries to deflect privacy concerns by locating these files in disparate tab locations within their software, under unusual labels like ‘storage’ instead of more straightforward headings like ‘security’ or ‘privacy.’
Unfortunately for marketers and online data crunchers, most people do view cookies negatively. According this article in today’s New York Times, a study from Penn and Cal Berkeley shows two-thirds of Americans object to online tracking. It’s even becoming an issue on Capitol Hill as various representatives are considering legislation to address the issue.
I am not anti-cookie (or Local Shared Objects or DOM Storage Objects). They make many things far more convenient and I’m willing to sacrifice some measure of privacy in exchange for their usefulness. This compromise also drives things like my use of Catalina Marketing’s discount card at the grocery store and my daily use of Facebook; I’m willing to let marketers learn more about my behavior in exchange for coupons and free services. And you can always turn them off.
But first you have to know they exist. And reside in a different directory. The disturbing point at the crux of the blog post was how nearly half of the web’s most popular sites use these cookies, yet very few mention them in their privacy policies. That’s wrong, plain and simple and people have a right to be suspicious of these site’s intents. Remarkably, the list of offending sites even includes whitehouse.gov.
Of course, if you grew up watching the Watergate Trials, that will just confirm years of suspicion.