• by Wendy Davis  @wendyndavis, January 18, 2013

Analytics company KISSmetrics has finalized the settlement of a class-action lawsuit stemming from its alleged use of "supercookies" to track people online.

The company implemented an agreement calling for it to refrain from using eTags, Flash cookies or other types of hard-to-delete supercookies without first notifying users and allowing them to choose whether to accept the technology, according to recent court papers.

The company also agreed to pay around $500,000 to the attorneys who brought the case and $2,500 each to the two consumers who sued: John Kim and Dan Schutzman.

Late last week, U.S. Magistrate Judge Lauren Beeler in San Francisco dismissed the lawsuit based on the representations that the settlement agreement had been carried out. Beeler approved the deal in November, ruling that it was "sufficiently fair, adequate, and reasonable.”

Unlike many other recent class-action settlements, the KISSmetrics deal leaves open the possibility that individuals who were tracked by the company can still bring suit.

The case dates to 2011, when Kim and Schutzman alleged in a class-action complaint that KISSmetrics violated wiretap laws by using ETags (and other supercookies) for tracking. ETag technology can be used to track people across the Web, even when they try to protect their privacy by deleting traditional HTTP cookies.

The lawsuit came soon after researchers at UC Berkeley published a report detailing how KISSmetrics allegedly used ETags to store information in Web users' browser caches. When those users deleted their cookies, they could be recreated with information from the ETags. The only way for users to avoid KISSmetrics' tracking was either by clearing their browser caches between each Web site visit or by installing the AdBlock Plus extension.

After the report was published, KISSmetrics stopped using ETags.

A separate lawsuit against against the video service Hulu, which allegedly worked with KISSmetrics, is still pending. In that case, Hulu is accused of violating a federal video privacy law that prohibits movie providers from sharing information about the films people watch without their consent.