On January 12, 2011, Adobe Systems Incorporated (“Adobe”) announced in its Adobe Flash Platform Blog that it is working with browser vendors to integrate control features into browser user interfaces that will allow users to more easily control local shared objects (“LSOs”) on their computers. Local shared objects, often referred to as Flash cookies, store information about online activity, including things like browsing history, login details and preferences. In August 2010, we reported on several lawsuits that had been filed against online advertising networks for, among other things, using Flash cookies to re-create deleted browser cookies.
As stated in the Adobe Flash Platform Blog, “[s]ince local storage allows sites and apps to remember information, there are concerns about the use of local storage to store tracking information – or of greater concern, to restore tracking information to a browser cookie that a user has intentionally deleted.” Accordingly, the new Adobe LSO management features will enable the deletion of LSOs using browser settings. Currently, LSOs typically cannot be deleted using the cookie privacy controls in a web browser. Adobe also indicated that it is redesigning the Flash Player feature that allows users to manage their privacy settings.
In the Federal Trade Commission’s December 1, 2010, report on online privacy, the FTC addressed the use of Flash cookies and emphasized the importance of improving consumers’ ability to control online tracking mechanisms. The report noted that although consumers “may believe they have opted out of tracking if they block third-party cookies on their browsers…they may still be tracked through Flash cookies or other mechanisms.” Adobe’s announcement seems to be in line with the FTC’s recommendations.
Update: On May 12, 2011, Adobe announced the release of Flash Player 10.3, which provides customers with enhanced privacy and security features. According to the Adobe Secure Software Engineering Team (“ASSET”) Blog, “Adobe coordinated with the open-source browser community to develop the ClearSiteData NPAPI…which allows the browsers to communicate a user’s desire to wipe user data stored by installed browser plugins.” The API enables users to clear both their browser data and their plugin data through their browser settings. Adobe announced that the API was designed to enable all plugins to participate and that the company expects to receive official support across all open source browsers in the near future. Adobe also noted that it collaborated with Microsoft to provide equivalent functionality in Internet Explorer 8 and 9 and has improved its Flash Player Settings Manager to make it easier for users to manage their Flash Player settings.
Read more information about Flash Player 10.3.