mossing

Last September Adobe purchased Omniture for $1.8 billion. In my view, it was a surprising mix, and I went around trying to understand what was behind it. While for some people the deal seemed to make business sense , others were more skeptical. And I left it at that. But a couple of weeks after the operation was announced, I came across a post in a rather laconic blog that pointed to flash cookies as a key element for understanding the deal. That post referred to a piece in Wired magazine that discussed flash cookies, a piece which, in turn, referred to a paper written by a group of young researchers at UC Berkeley on the use of flash cookies in 100 of the most visited sites. By the end of the day I had a pretty clear idea of what flash cookies were, and of how they were being used. And it was unsettling (if you retrace my steps you can probably understand why). However, I was not finding many references to flash cookies anywhere, and I was starting to wonder whether I was simply reading too much into the issue.

Last week, in the talk  I gave at the Berkman Center, I mentioned the Berkeley study to illustrate the different mechanisms of data collection in use by the advertising industry. Doc Searls, who was acting as informal host for the talk, decided to ask the people attending whether they had heard of flash cookies and, to my surprise, most of them hadn’t. Considering the audience, this response made me wonder again whether I was actually conferring too much importance to the issue. On the other hand, and this was the possible alternative interpretation of the response, if the issue was relevant and not even the people in that room were aware of it, then we really had something to be concerned about.

Interestingly, just three days after the talk, I got news of a report on the use of flash cookies for tracking purposes, commissioned by BPA Worldwide to Web Analytics Demystified (you can get it here  in exchange, of course, for some personal information). This white paper does not add much factual information to what is already known (it actually borrows quite a bit from the Berkeley study and relies to a large extent on Google searches), but it clearly points to flash cookies as a concern, both for the advertising industry (fear of regulation) and for internet users (covert collection of information). In terms of the former, the white paper concludes “that companies making inappropriate or irresponsible use of the Flash technology are very likely asking for trouble (and potentially putting the rest of the online industry at risk of additional government regulation)”. As for the latter, flash cookies are characterized as “super-cookies which are dramatically more resilient than cookies due to their implementation and a general lack of knowledge about their existence among consumer”.

Should we really be concerned?