IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Web firm accused of spying on children

Class action claims widget tracks users' online habits through Flash cookies.

Privacy

Parents in the US are accusing software company Clearspring Technologies of effectively spying on their children, through an online advertising tool.

Clearspring makes widgets that deliver targeted advertising to a number of popular websites used by children, including Disney, Facebook and MTV.

However, in a case that could have wide-ranging consequences for the entire web advertising industry, the lawsuit filed in the US District Court for the Central District of California alleges that the service's use of Flash cookies to track users' web browsing habits contravenes privacy laws.

According to the class action suit, the Clearspring widget does not restrict its tracking of users' internet use to the sites that host the service, but monitors their browsing activity whenever they are online in "a pattern of covert online surveillance".

The plaintiffs argue that this violates the Computer Fraud and Abuse Act, Californian Computer Crime law and the Californian Invasion of Privacy Act.

"The sensitive information may include such things as users' video-viewing choices and personal characteristics such as gender, age, race, number of children, education level, geographic location, and household income," the complaint reads.

The suit also details how the Clearspring tracking technology is deliberately designed to resist being removed from users' systems, with the widget manipulating the Flash player to restore the tracking cookie even when users try to clear their browser cookies.

The plaintiffs quote a UC Berkeley report released earlier this month entitled [ital]Flash Cookies and Privacy[/ital], which describes the practice of reviving unwanted cookies through Flash: "we found that top 100 websites are using Flash cookies to 'respawn,' or recreate deleted HTTP cookies. This means that

privacy-sensitive consumers who 'toss' their HTTP cookies to prevent tracking or remain anonymous are still being uniquely identified online by advertising companies," the report claims.

Also included is a statement from Adobe, which owns Flash, condemning the practice unless there is explicit user knowledge and express consent.

The suit alleges that the sites using the Clearspring widget make no mention of this practice, or indeed of their association with Clearspring at all. Several, including Walt Disney, Warner Brothers Records and Demand Media, are named as defendants in the suit.

Clearspring is also charged with trespass and unjust enrichment, and on top of damages the plaintiffs are requesting an injunction ordering the company to delete all confidential data and in future provide all consumers with the option to decline participation in any web activity monitoring.

Last month a similar lawsuit was filed against Quantcast, a Clearspring rival offering a similar service, as well as several of its clients including ABC and NBC.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The pros and cons of flash storage
flash storage

The pros and cons of flash storage

31 Jan 2022
IBM FlashSystem 5000 and 5200 for mid-market enterprises
Whitepaper

IBM FlashSystem 5000 and 5200 for mid-market enterprises

9 Jul 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Researchers demonstrate how to install malware on iPhone after it's switched off
Security

Researchers demonstrate how to install malware on iPhone after it's switched off

18 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022