• by Wendy Davis , Staff Writer @wendyndavis, December 21, 2011

The Federal Trade Commission said today that it finalized a settlement with ScanScout for allegedly using Flash cookies to track Web users.

The deal calls for ScanScout to give users an easy way to opt out of the collection of many types of data, including IP addresses. The company is still allowed to collect data from opted-out users for some purposes, including frequency capping, fraud prevention and age verification.

The gist of the FTC's complaint, made public last month, was that ScanScout violated its privacy policy by using Flash cookies from 2007 to 2009 in order to track users' online activity to serve them targeted ads.

Flash cookies were originally designed to store people's preferences for applications like online video players. But, starting around 2005, some companies decided to use Flash cookies to store the same type of information that is normally found on HTTP cookies. Flash cookies are stored in a different place in browsers than HTTP cookies and, until recently, were harder for many users to delete.

ScanScout, which was acquired last year by Tremor Media, allegedly said in its privacy policy that users could opt out of receiving cookies by changing their browser settings. That statement was deceptive, the FTC alleged, given that Flash cookies couldn't easily be controlled through the browser settings.

The action marked the first time the FTC brought a case regarding Flash cookies -- which first came to public attention in 2009, when researchers at UC Berkeley published a report detailing how Web sites used Flash to recreate HTTP cookies that users had deleted

But the FTC's case isn't the first time that Flash cookies have been mentioned in legal proceedings. In the last year, three companies -- Quantcast, Clearspring and Say Media's VideoEgg -- agreed to pay a total of $3.4 million to settle civil lawsuits about Flash cookies.