Zombie Cookies at Centre of US Legal Battle

Posted on 30 July 2010 by jjkomplett in News

‘Zombie cookies’ may sound like a combination of dough, chocolate chips and some undead flesh, but they are actually copies of supposedly deleted browser cookies, and today they are the focus of a major legal case in the US.

A legal challenge has been launched across the Atlantic against a number of websites – including Hulu, MTV, and Myspace – claiming that they were engaged in “covert surveillance” of users. The sites are said to have used a Quantcast Flash application to restore deleted text files used by web browsers to store user data, or ‘cookies’ as they’re more commonly known.

Quantcast issued a statement to BBC News saying that it was “aware of the lawsuit”, and that the company was “reviewing this matter carefully”. The term ‘zombie cookie’ was coined after the issue of traditional browser cookies being undeleted by Flash was brought to light in a 2009 paper by US researchers.

The study found that more than half of sites surveyed used Flash cookies to store information about the user, with some using them to “respawn or re-instantiate cookies deleted by the user”. “Flash cookies often share the same values as browser cookies, and are even used on government websites to assign unique values to users,” the paper read.

The issue was caused by a Quantcast system that retrieved deleted user data and re-created the cookie. Critics said this was a serious breach of privacy, because if a user had made a conscious decision to delete a cookie, it should remain deleted.

After the problem was highlighted, Quantcast released a fix, saying that restoring deleted cookies was an “unintended consequence of trying to measure web traffic”.

However, the new lawsuit, brought by US privacy activist Joseph Malley, states that the practice of re-creating deleted cookies continues and that users were “victims of unfair, deceptive, and unlawful business practices” and “their privacy, financial interests, and computer security rights were violated”.

We’ll try to keep you up to date on how this develops, though a lot of this may have to do with user settings rather than any great invasion of privacy.
