How did they get around these browser privacy settings? It is important to note that Flash, as well as any other “plug-in” or “object”: is actually a self-contained program running mostly independently within its own container within a Web page. Thus, Flash doesn’t follow the Web browser’s privacy restrictions, rather it has to be set within a Flash itself. According to a Wired article last month, these companies took advantage of this lack of knowledge to circumvent browser cookie restrictions.
So, how do you go about setting privacy in Flash? Adobe has a Web site which renders the “Settings Manager” for your Flash player, including the “Website Storage Settings” which will show which sites are currently storing data. You can change “Global Storage Settings” to restrict third party content as well as deny storage to sites you haven’t visited. Keep in mind, most of the cookies stored on your computer, even Flash cookies, are innocuous, such as volume and playback preferences. Also, changing these settings may negatively impact Flash performance, depending on the site in question.
I would expect that in light of these lawsuits, Adobe will update Flash to include more obvious and gradated privacy settings sometime in the future. Cookies are an important tool for Web developers in authentication and e-commerce. Those who use them to leverage marketing over privacy risk a backlash to conducting business over the Web as a whole.