TrustArc Blog

How Flash Cookies Left A Bad Taste In the FTC’s Mouth

November 09, 2011

John Gamble
Marketing Manager | TRUSTe


Image Credit 

Yesterday the Federal Trade Commission announced a settlement with ScanScout, an online video advertising network, over charges that the company deceived consumers about their ability to opt-out of online tracking activities. ScanScout’s privacy policy read:

“You can opt out of receiving a cookie by changing your browser settings to prevent the receipt of cookies.”

The problem? That wasn’t actually true. While one can opt-out of HTTP cookies using this method, the Flash cookies used by ScanScout to track consumers cannot be controlled via browser settings. (For more information about tracking technology like Flash cookies, check out this FTC educational article).  The FTC found ScanScout’s disclosure deceptive and in violation of the FTC Act and as part of the settlement the company is required to complete the following actions:

  1. Fix their privacy policy
  2. Display prominent notice on their homepage disclosing their tracking and linking to an opt-out mechanism
  3. Display a link within or next to all its targeted display ads that provides an opt-out mechanism

There’s been a real uptick in FTC privacy cases in the last year – most recently they’ve settled with for COPPA violations, Google over its “Google Buzz” rollout,  Frostwire for its Android App, and now ScanScout. And that’s just in the last two months! Could your company be next? Here are some takeaways from this most recent case:

You need total transparency in your privacy policy 

Leave no stone unturned in your disclosures. Avoid ambiguous language: if you’re tracking consumers then in no uncertain terms you should disclose a) how you are doing it, and b) how consumers can opt-out of it. Anything short of that invites scrutiny. Read more “How Flash Cookies Left A Bad Taste In the FTC’s Mouth”