Google has entered into another settlement over its privacy violations, this time with 37 states and the District of Columbia for bypassing users’ privacy settings in Safari in order to target its online advertising. The $17 agreement will be distributed among the states with about $899,590 to the state of New York.
In a published statement, NY’s Attorney General, Eric T. Schneiderman, and others alleged that “Google’s circumvention of Safari’s default privacy settings for blocking third-party cookies violates state consumer protection and related computer privacy laws. The States claim that Google failed to inform Safari users that it was circumventing their privacy settings and that Google’s earlier representation that third-party cookies were blocked for Safari users was misleading.”
In addition to the fine, Google is expected to comply with the following rules:
- Not deploy the type of code used in this case to override a browser’s cookie blocking settings without the consumer’s consent unless it is necessary to do so in order to detect, prevent or otherwise address fraud, security or technical issues.
- Not misrepresent or omit material information to consumers about how they can use any particular Google product, service, or tool to directly manage how Google serves advertisements to their browsers.
- Improve the information it gives consumers regarding cookies, their purpose, and how the cookies are managed by consumers using Google’s products or services and tools.
- Maintain systems designed to ensure the expiration of the third-party cookies set on Safari Web browsers while their default settings had been circumvented.
This is not the first time Google has paid for its privacy negligence. In August of 2012, the search company paid the FTC $22.5 million in penalties for the same wrongdoing. While that may seem like a high number, calculations by the Wall Street Journal reveals that Google is capable of making $22.5 million in five short hours.
Further, a class action lawsuit against Google was dismissed by a Delaware judge in October of this year. Judge Sue Robinson ruled that plaintiffs could not prove that harm was done or that Google violated any legal rights, despite the FTC settlement. Google, for their part, only stopped once their tracking cookies were discovered and published, saying, ” the Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It’s important to stress that these advertising cookies do not collect personal information.”
Since there are still many other states who have not settled, it’s likely that they may seek fines.