Google pays $17m to settle Safari cookie privacy-bypass charge

Google pays $17m to settle Safari cookie privacy-bypass charge

Summary: Settlement ends a two-year investigation into Google's cookie practices.

SHARE:
1

Google will pay $17m to settle claims by dozens of US states that it bypassed privacy settings in Apple's Safari browser designed to block third-party ad cookies.

The deal with 37 states and the District of Columbia prevents Google from installing cookies on any browser unless it has gained user consent.

Stanford privacy and law researcher Jonathan Mayer was the first to spot the issue, discovering that Google was using a snippet of JavaScript to override settings in Safari designed to prevent all third-party cookies from being installed in the browser.

Third-party cookies are used by ad companies such as ad company DoubleClick to deliver personalised ads, but have caused concern over their ability to track users' browsing habits across the web.

The states claimed that Google used the method to install cookies DoubleClick on Safari browsers between 1 June, 2011, until 15 February, 2012 without consumers' knowledge or consent.

They also claimed Google deceived consumers by telling them that Safari's default settings would block third-party cookies. 

"Google represented that consumers could avoid third-party cookies being placed in their Safari Web browsers simply by relying on the browser’s default settings," Connectictut attorney general George Jepsen said.

"This settlement resolves allegations that, while giving these very assurances, Google was actually bypassing those same privacy settings and placing advertisers' cookies on consumers' Safari browsers, without their knowledge or consent."

As Google explained at the time, bypassing the default settings to install ad cookies was an accidental outcome of it employing features in Safari intended to let signed-in Google users on the browser who had opted to see personalised ads to use its '+1' button on websites.

The settlement means Google doesn't have to admit any wrongdoing, however, it means the company has to underake a number of other duties, including to

  • Not misrepresent or omit material information to consumers about how they can use any particular Google product, service, or tool to directly manage how Google serves advertisements to their browsers.
  • Improve the information it gives consumers regarding cookies, their purpose, and how the cookies are managed by consumers using Google’s products or services and tools.
  • Maintain systems designed to ensure the expiration of the third-party cookies set on Safari Web browsers while their default settings had been circumvented.

Further reading

Topics: Google, Apple, Browser, Privacy

Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full time freelance technology journalist who writes for several publications.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • 47 U.S.C. §605?

    Google Inc search is a criminal violator of communications law and will get to answer for these crimes this decade and will not exist profitably by 2025.
    TheEndofPornbyWire.org
    Curtis-Neeley