Court reinstates lawsuit over Google iPhone user tracking

The lawsuit alleges Google should be held accountable for bypassing default iPhone privacy settings.
Written by Charlie Osborne, Contributing Writer

A court in the United Kingdom has ruled that a lawsuit alleging Google tracked and harvested information belonging to iPhone users without consent can go ahead. 

The decision, which overturns a previous ruling that threw out the case, means that Google may end up in front of a judge to defend itself against the allegations made by consumer advocate group Google You Owe Us, as reported by Bloomberg

Led by Richard Lloyd, Google You Owe Us alleges that Google tracked and gathered personal information from roughly 5.4 million iPhone users between 2011 and 2012. 

According to the group, this was achieved by bypassing Apple's default privacy settings in the Safari browser on iPhones. 

See also: Google accused of leaking personal data to thousands of advertisers

The so-called "Safari Workaround" was employed to track Internet browsing history, the group says, which gave Google a vast repository of data that could then be used for targeted advertising services. 

A JavaScript snippet was allegedly used to override Safari settings that prevented third-party cookies from being installed on a browser. 

Google You Owe Us has launched a representative action, similar to a US class-action lawsuit, in which a single individual can represent a group impacted by the same issue. 

CNET: Google wants to warn you if you reuse passwords or create weak ones

"We have started a representative action against Google because we believe they abused the rights of iPhone users by taking their data unlawfully," the group says. "We want to show that the world's biggest companies are not above the law."

Permission has been granted for the case to proceed and Lloyd agreed to pursue the "lowest common denominator" when it comes to damages. Still, should the lawsuit go in the consumer group's favor, compensation of only a few pounds each could still result in a damages bill worth millions of pounds. 

TechRepublic: How to quickly deploy a honeypot with Kali Linux

In 2013, the tech giant paid $17 million to settle claims made by 37 US states relating to the same Safari workaround. The states claimed that the Safari workaround was used to install cookies on browsers between 2011 and 2012 without permission, and also accused Google of misleading individuals by saying that default Safari settings were enough to prevent tracking. 

Google said at the time that the bypass was accidental. After the settlement was agreed, Google submitted to demands that cookies should not be installed on user browsers without consent, and Apple patched the Safari browser to prevent the loophole from working. 

Google intends to ask the UK's highest court for permission to appeal and told the publication that the lawsuit should be dismissed.

"This case relates to events that took place nearly a decade ago and that we addressed at the time," a Google spokesperson said. 

These are the worst hacks, cyberattacks, and data breaches of 2019 (so far)

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards