More on AddThis — looking at the GSA contract

August 31, 2009

A quick follow up on last week’s post outlining questions about the privacy practices of AddThis when installed on government websites. As a result of a FOIA request by the Electronic Privacy Information Center, the General Services Administration has now released its contract with AddThis. As EPIC points out, this contract is one of the few disclosed contracts to provide that persistent cookies will not be used on .gov sites.

clearspring flash cookiesHere’s the problem: As you can see from the screen grab, as of the time of this post, AddThis is indeed writing cookies — Flash cookies no less — on usa.gov, doing so upon interaction with the AddThis widget. (Note: Clearspring is the parent company of AddThis and the formal party to the GSA contract.)

Hopefully AddThis will move quickly to resolve this issue and also to shore up their relatively weak privacy disclosures and opt-out processes.

Advertisements

2 Responses to “More on AddThis — looking at the GSA contract”

  1. Justin Thorp Says:

    As you noted, our agreement with the GSA specifically specifies that we don’t serve up persistent cookies on Web sites with a .gov top level domain. We do comply with the agreement.

    We’ve tested USA.gov and were not able to reproduce having the site’s AddThis installation serve up a flash cookie. Did you clear out your flash cookies before visiting USA.gov to rule out the flash cookie coming from a non .gov Web site?

    If we’re missing something, please send us a way to reproduce the results that had. We’d appreciate the help.

    Feel free to contact me personally if you have any questions. We’re happy to help. – justin@addthis.com

    • privacychoice team Says:

      Hi Justin,

      Thanks for the prompt attention to this. I just went through the process again two times, first clearing all flash cookies (once with the BetterPrivacy add-on and then separately through the control panel on the Adobe site), and then clicking on the widget on the top page of usa.gov. Both times new Flash cookies are written immediately when I click on widget. Happy to continue to test this as you debug it, just let me know.

      Also, any thoughts on the other questions posed in the earlier post?


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: