Privacy Snafu As Web Sites Bypass Cookie-Blockers
The problem is that a great many sites aren't doing so. "We collected CPs from 33,139 websites and detected errors in 11,176 of them, including 134 TRUSTe-certified websites and 21 of the top 100 most-visited sites," researchers state in a summary of their report. The authors add that thousands of sites were using identical invalid compact policies "that had been recommended as workarounds" to stop Explorer from blocking cookies.
"It appears that large numbers of websites that use CPs are misrepresenting their privacy practices, thus misleading users and rendering privacy protection tools ineffective," the summary says. "Unless regulators use their authority to take action against companies that provide erroneous machine-readable policies, users will be unable to rely on these policies."
The Federal Trade Commission has already indicated it's interested in Flash cookies; meanwhile, consumers' class-action attorneys have filed at least three lawsuits to date against companies who allegedly used Flash to recreate deleted HTTP cookies, including an action against Specific Media.
Putting out misinformation in order to get around users' privacy preferences certainly seems comparable to using Flash cookies to recreate deleted HTTP cookies. It also seems like the type of activity that's almost guaranteed to result in new scrutiny by regulators, while fueling calls for new privacy legislation.