According to the Electronic Frontier Foundation briefing, Flash cookies are stored outside the browser’s control and users cannot view or delete them. Nor are users notified when the cookies (which have no expiry date) are set. Flash cookies can track users in all the ways traditional old-style cookies do, but they can be stored or retrieved whenever a user accesses a page containing a Flash application – which is almost every page that most people access.
Google has lost a Court of Appeal bid to stop consumers having the right to sue in the UK over alleged misuse of privacy settings.
The case revolves around a so-called Safari workaround, which allegedly allowed Google to avoid the Safari web browser's default privacy setting to place cookies, that gathered data such as surfing habits, social class, race, ethnicity, without users' knowledge. A group of users claim that Google bypassed security settings on the Safari browser to install tracking cookies on their computers in order to target them with advertising.
The most significant change is the introduction of a lighter regime for cookies that (a) are used to gather information on the quality and effectiveness of a requested service; and (b) have little or no effect on the privacy of the user of the service. For these cookies (e.g. analytic cookies, affiliate cookies and a/b testing cookies), the standard requirements for cookies (informing the user and obtaining consent) are no longer required. For tracking cookies or similar technologies the duty to inform individuals and request consent remains in effect.
On Tuesday 10 January, the European Commission put forward a series of new texts on personal data protection in the EU. It includes the upcoming ePrivacy Regulation which will frame the confidentiality and security of our electronic communications, as well as the famous internet cookies, among other things. Before the legislative process had even started, lobbies from the digital industry and telecom operators collaborated closely to water down as much as possible the reform that was supposed to not only provide better security and confidentiality to electronic communications, but also to give users control of their data back.