Saturday, August 21, 2010

Class action suit filed against Disney,AddThis,Sodahead and other companies for spying on users online activity

I don't use any of these sites, but have been to them in the past. It's good to know they have been exposed for invasion of privacy. I've included some suggestions from users at below on how to prevent or remove these flash cookies that allow web sites to spy on your web browsing activity. I'm sure these companies use these cookies to track user interest so that they can target their advertising, not to steal private information or expose a users personal information, however it is being done without the knowledge of most users and therefore is against the law. While some people might not have a problem with ad tracking, since it is used and a well known privacy issue on popular sites like Google and Facebook, it is against the law to track users online activities without the users knowledge.

Are you concerned with online privacy?? Do you think the government should step in or should companies take action on their own to inform users when tracking cookies are being used?

Amplify’d from

Suit alleges Disney, other top sites spied on users

A lawsuit filed in federal court last week alleges that a group of well-known Web sites, including those owned by Disney, Warner Bros. Records, and Demand Media, broke the law by secretly tracking the Web movements of their users, including children.

Attorneys representing a group of minors and their parents filed the suit Tuesday in the U.S. District Court for the Central District of California, records show. The suit alleges that Clearspring Technologies, a software company that creates widgets and also offers a way to serve ads via widgets, is at the center of the wrongdoing.

Web site operators such as Disney,, and SodaHead are "Clearspring Flash Cookie Affiliates," the plaintiffs allege in their suit. Clearspring set "Flash cookies on (affiliate site) users' tracking device(s) which would allow access to and disclosure of Internet users' online activities."

A similar lawsuit was filed last month against Clearspring rival Quantcast, as well as a host of that company's clients, including ABC and NBC. The same law firms that filed that suit--Parisi & Havens, and the Law Office of Joseph Malley--were responsible for filing the recent complaint.

The Web sites working with Clearspring knew users weren't just tracked at sites owned by affiliates, but were followed without their knowledge wherever they went online, the defendants wrote in their suit.

All the news lately about Web privacy--or the lack thereof--is enough to make anyone paranoid about logging on. The Wall Street Journal recently published an expose on Web privacy and concluded that "one of the fastest-growing businesses on the the business of spying on Internet users." And we've seen controversies over privacy at Google and at Facebook. While Congress is looking into improving privacy protections for Web users, it would seem some people are going to take up the issue in court.

The suit against Clearspring was filed one year after researchers from UC Berkeley issued a report on how more than half of the Internet's best known Web sites use Adobe's Flash technology to surreptitiously gather information about their users, according to a story in

"What's even sneakier," reporter Ryan Singel wrote then, is "several services even use the surreptitious data storage to reinstate traditional cookies that a user deleted, which is called 're-spawning,'" This means that a user may kill a cookie, but some technologies will bring it back to life by assigning that cookie's unique ID to a new cookie.

The report from the Berkeley researchers named two companies that reinstate cookies: QuantCast and Clearspring.

Clearspring makes the ubiquitous AddThis tool, which enables users to share links via e-mail or social-networking sites. According to the report from Berkeley, Clearspring has resurrected cookies for,, and

The kind of information Clearspring and its affiliates gathered was personal and far reaching, the plaintiffs wrote in their complaint. They allege the data was obtained by tracking users as they moved "across numerous Web sites, even spotting and tracking users when they accessed the Web from different computers, at home and at work.

Users need to be aware that the way they get these services (such as Google, Facebook, Disney etc) for free, is because the firms are making money of their profile data and behavior to drive advertising revenue or collect marketing information that they can sell. It's that simple.

What's a user supposed to do ? Do you really have to exchange your privacy in return for using these services. We offer users a free solution that can let them to continue to use these services - but keep their private information protected. And this is done without relying on the kindness of the service provider.

Users can simply CLOAK (encrypt) those parts of their postings, emails, appointments etc. right in their browser before they send it. And since their information is stored in an encrypted form at Disney and other sites, they cannot read your posting.

You select the part of their posting or email to be kept private, pick a keyword and encrypt it. You still use the Facebook/Disney/Google service as you do today, but only people who you've shared your keyword with can read your CLOAKed information.

Both the CloakGuard Firefox plugin and online version that does not require a software instal are free.

Free Download --
Free Online version --
Demo --
http cookies only track people on the website that cookie belongs to. so if youre on, an http cookie will track every page you viewed at what times. there are very few websites these days that dont use http cookies, so disabling them will make web browsing difficult. third-party cookies, on the other hand, track you across websites. for example, if two websites have ads from the same advertising companies, lets say Clearspring Technolgies, then Clearspring can track the same user across websites it has ads on. these days, browsers have options to disable third-party cookies, but like http cookies, it removes functionality from websites. now, this all wouldnt be a problem if the user would just clear cookies every time they open or close their browser. which brings us to Local Shared Objects (LSO), better known as flash cookies because right now only Adobe Flash makes use of it. however, when HTML5 becomes standard, H.264 will make use of LSO as well. right now, Adobe doesnt allow flash cookies to read across domains, so for now, we dont have to worry about privacy issues on that front. i very much doubt HTML5 will come with the same guarantee. now, the main issue with flash cookies was that companies were using them to bring back their http cookies after they were deleted. so if you deleted the Disney http cookie, but not the flash cookie, then the flash cookie would put the http cookie back on your computer, hence the name "zombie cookies." this was a major privacy issue and is the main reason Clearwire is being sued. i hope i made things clearer and not more confusing.
If you use Firefox as your browser there is an add-on called BetterPrivacy that deletes flash based cookies or "super cookies" manually or automatically depending on how you have it configured. These Super cookies can't be deleted by the browser's privacy settings or conventional cleaners and they stay on your system indefinitely. You could have dozens of them installed and not even know it! For instance Yahoo installs two of them when I check my email.
SuperAntiSpyware can find and delete Flash cookies.

AddThis Social Bookmark Button

blog comments powered by Disqus  


Newer Post Older Post Home