Google Could Be Fined $10 Million for Violating Safari’s Privacy Settings
Bloomberg reports that Google is negotiating with the U.S. Federal Trade Commission over the size of a fine for violating the privacy settings of Apple’s Safari browser. The fine could amount to $10 million or more. By comparison, Google’s latest FCC fine for public Wi-Fi data collection was a mere $25,000. What did Google do wrong?
The FTC’s job is to protect consumers from “unfair and deceptive” practices. Bloomberg reported that this would be the FTC’s first fine for Internet privacy. We found earlier precedent for this. Still, “unfair and deceptive” sounds about right. Google used a loophole to get around Safari’s default settings, which, while not technically difficult, was deceptive to the user.
Google, like many ad companies, uses browser cookies to track its users around the Web and better target ads to them. Cookies are set by the site you’re on, but some cookies allow third parties to set a tracking cookie through them.
The default setting for Apple’s Safari browser is to only accept cookies from sites to which you navigate, blocking third-party cookies. Google is one of several ad companies that routed around the setting by placing cookies on the domain you visit and using them to track you from their own domains.
What’s So Bad About That?
Web companies are tracking us everywhere unless we block all cookies, so one might be tempted to say, “So what?” It’s the default setting to allow some cookies, and if people are concerned about privacy, they should change the setting to block cookies. What’s so bad about ad tracking, anyway?
But there are several particulars to the Google example that might give you pause. For one thing, you didn’t have to be a logged-in Google user for it to track you this way. Logged-in users can set their account preferences not to track them, but there’s nothing non-Google users could do to opt out.
This kind of tracking was not a common practice, either. Jonathan Mayer at Web Policy found only four companies doing this, and they all stopped when Google got busted.
Finally, there’s the deception part. Apple makes it quite clear that its default setting is intended to block ad tracking. Even if Google’s tracking is not wrong in and of itself, Google was willingly changing Apple’s intended user experience. That should be between Apple and its users.
At the time, Google’s excuse was that its users had “opted to see personalized ads” by using its services, so it was fine to honor those preferences over Safari’s. But that ignores the people who don’t have Google accounts and were still tracked.
Furthermore, Google’s documentation used to say that Safari’s default setting “effectively accomplishes the same thing” as opting out via one’s Google account, but that’s now gone from Google’s help page.
A Speeding Ticket
When Google gets fined $25,000 for snooping on people’s home Wi-Fi networks, that’s just silly. A $10 million (or more) fine is a much more stern warning. But that’s just a fraction of a percent of its quarterly profits. It’s like giving Google a speeding ticket.
You may not care about ad tracking in and of itself, but the slope is far too slippery to let Google off the hook for this one. It shouldn’t have the right to intervene in the user experience of another company by deliberately routing around its privacy settings.
Image via Shutterstock
View full post on ReadWriteWeb