Privacy groups hail Google, FTC settlement over Apple Safari tracking

Computerworld - Privacy advocates today welcomed news of a possible Google proposal to settle Federal Trade Commission (FTC) charges related to its surreptitious tracking of Apple Safari users.

The Wall Street Journal, citing unnamed sources, today reported that Google had basically agreed to pay $22.5 million to settle the FTC charges.

If that figure holds, the fine would be the biggest ever levied by the FTC on a single company. The previous record was a $10 million fine the agency imposed on data aggregator ChoicePoint Inc. in 2006 for a data breach that resulted in the compromise of nearly 160,000 consumer records.

While the fine is likely to be small change for Google, its significance cannot be underestimated, several privacy advocates said.

"The FTC fine's impact on Google can't just be measured in dollars," said Jeffrey Chester, executive director of privacy-watchdog group the Center for Digital Democracy. " It sends a strong signal to Google users that the company is still failing to do right by their privacy. If they don't do a better job protecting privacy, it will face larger fines and greater political consequences."

In a statement, Google said it could not comment on any specifics of a settlement. "However, we do set the highest standards of privacy and security for our users. The FTC is focused on a 2009 help center page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple's browsers."

The agreement comes six months after a graduate student at Stanford University published a paper showing how Google and three other companies were circumventing the Safari browser's do-not-track settings, to install tracking cookies on user systems.

The revelation prompted scathing criticism from several quarters and prompted calls by three lawmakers for an FTC probe. Several contended that the cookie placement contradicted Google's claims that it respected Safari's do-not-track settings.

Google's actions also triggered an FTC investigation over whether the company had violated the terms of a consent agreement it signed with the agency in October 2011 in which it agreed not to misrepresent its privacy claims. That consent decree followed an investigation into alleged privacy violations related to Google's now defunct Buzz social network.

Google maintained that it had not intentionally meant to bypass Safari's do-not-track-settings. The company said the problem had to do with a Safari browser function that accidentally enabled Google advertising cookies to be set on the browser even in situations where a Safari user might have turned on the do-not-track feature. Google executives maintained that the cookies were set inadvertently and that the company did not know about the problem until being alerted to it.