A New York resident sued behavioral targeting network Interclick for allegedly using Flash cookies and history-sniffing techniques to thwart her attempts to prevent online tracking.
"Interclick invaded Plaintiff's privacy, misappropriated her personal information, and interfered with the operability of her computer," Sonal Bose alleges in a complaint filed in U.S. District Court in New York on Wednesday. Bose alleges that Interclick violated federal computer fraud laws as well as wiretap laws. She is seeking class-action status.
Her lawsuit -- the latest in a series of recent court cases alleging privacy violations -- comes one week after Federal Trade Commission consumer protection head David Vladeck criticized ad networks for "history sniffing" by exploiting a vulnerability in browsers to discover the Web sites users previously visited.
Researchers from the University of California, San Diego recently brought the history-sniffing technique to light when they published a paper explaining the technique and naming 46 Web sites where history-sniffing technology was being deployed. In at least some cases, ad company Interclick reportedly used the technology without the publishers' knowledge. Late last week, two other Web users brought the first history-sniffing lawsuit -- a case against YouPorn.
Bose says in her complaint that she believes she was subject to history-sniffing by Interclick based on reports about Interclick's activities, its role as "a major online ad network," and the existence on her computer of an Interclick.com Flash cookie.
Bose also alleges that Interclick "monitored her web browsing in ways she would not expect or detect" by recreating HTTP cookies with Flash cookies -- which are stored in a different place in the browser, and therefore, require additional effort to control. Interclick did so in order to "track, profile, and serve targeted advertisements to consumers without being subject to the controls consumers reasonably expected to have over such third-party interactions on the Internet," she alleges.
Measurement company Quantcast and widget maker Clearspring recently agreed to pay $2.4 million to settle two class-action lawsuits alleging that they violated people's online privacy by using Flash cookies for tracking.
The use of Flash cookies to track users who delete HTTP cookies appears to date to 2005, when ad technology company United Virtualities publicly said it could track Web users through a "pie," or persistent identification element," that would remain on people's computers regardless of whether they shed HTTP cookies.
But the technique didn't draw much public notice until last year, researchers at the University of California, Berkeley and other schools published a report outlining the practice. Shortly afterward, some Federal Trade Commission officials said they were concerned about the use of Flash for tracking purposes.
Bose's lawyers include Dallas-based lawyer Joseph Malley and New York-based attorney Scott Kamber, both of whom have filed other high-profile privacy lawsuits against a variety of Web companies.