Le principe Noemi concept
Astuces informatiques
Webbuzz & Tech info
Noemi météo
Notions de Météo
Animation satellite
Mesure du taux radiation
NC Communication & Design
News Département Com
Portfolio
NC Print et Event
NC Video
Le département Edition
Les coups de coeur de Noemi
News Grande Région
News Finance France
Glance.lu
A New York-based mobile-web advertising company was hit Wednesday with a proposed class action over its use of an HTML5 trick to track iPhone and iPad users across a number of websites, in what is believed to be the first privacy lawsuit of its kind in the mobile
The company, Ringleader Digital, uses HTML5’s client-side database storage capability as a substitute for the traditional cookie tracking employed by all major online ad companies. Mobile Safari users visiting sites with Ringleader ads are assigned a globally unique ID number which is stored by the browser, and recalled by Ringleader whenever they revisit.
But the tracker, labeled RLDGUID, does not go away when one clears cookies from the browser. Our sister site “ARS Technica reported last week that users savvy enough to find and delete the database have found it returning mysteriously with the same ID number as before — a result the lawyers suing Ringleader say they’ve reproduced.
“You can’t get rid of that database,” says Majed Nachawati, a Dallas attorney behind the Ringleader lawsuit. “You’re left with this database tracking you and your phone and your viewing habits on the net, which is a violation of federal privacy laws.”
The lawsuit lodged Wednesday in Los Angeles federal court also names as defendants a number of companies who’d allegedly been serving the Ringleader trackers on the mobile versions of their sites: Surfline, WhitePages.com, The Travel Channel, CNN Money, Go2 and Merriam-Webster’s dictionary site.
The lawsuit comes in the wake of a similar suit filed in July against MTV, ESPN, MySpace, Hulu, ABC, NBC and Scribd for using storage in Adobe’s Flash player to recreate cookies deleted by users of non-mobile devices, allegedly in violation of federal computer intrusion law.
In Threat Level’s testing on Thursday, the RLDGUID uncookie was still being served from the Travel Channel, Go2 and Merriam-Webster, but not the other sites named in the lawsuit. In our tests, the database entry did not reappear. It’s not known if Ringleader has changed its system’s behavior. The company did not return repeated phone calls Thursday.
HTML5’s database storage is a highly touted feature designed to allow websites to locally store data on the user’s computer — a boon for offline use of a browser app.
The Ringleader site provides an opt-out action that can be implemented by pointing your mobile phone’s browser to a special page on its website referenced in its privacy policy. How anybody would know that is unclear, since the sites in Ringleaders networks do not inform consumers of that fact, according to the lawsuit.
“Please note that opting out does not stop advertisements from being served to your mobile device, rather, it prevents us from associating non-personally identifiable data with your device’s browser starting from the time you implement the opt out utility,” reads Ringleader’s opt-out page. “It does not affect data collected prior to that time.”
See Also:
- Gonzalez Accomplice Gets Probation for Selling Browser Exploit
- DNS Exploit in the Wild — Update: 2nd More Serious Exploit
- Revealed: The Internet’s Biggest Security Hole
- Hack of Google, Adobe Conducted Through Zero-Day IE Flaw
- New Web Exploit at 10000 Machines and Growing
- Hacked iPhone No Longer Just a Theory
- Vulnerabilities Allow Attacker to Impersonate Any Website
Authors: David Kravets
mobileporn