Update: Google to pay $22.5M fine over privacy practices
The fine is the largest ever related to an FTC complaint
IDG News Service - Google will pay a historic fine to settle U.S. government charges that it violated privacy laws when it tracked via cookies users of Apple's Safari browser.
The US$22.5 million civil penalty is the largest ever secured by the U.S. Federal Trade Commission for a violation of one of its orders, the FTC said on Thursday.
However, ConsumerWatchdog.org finds the settlement inadequate for various reasons, including the amount of the fine and the fact that it allows Google to deny guilt and liability.
The fine amount is "chump change" for Google, and the FTC shouldn't have agreed to a settlement unless Google was willing to make an admission of guilt, said John Simpson, director of the privacy project at ConsumerWatchdog.org.
"This is letting Google buy its way out of trouble," he said.
The consent decree states that "Defendant denies any violation of the FTC Order, any and all liability for the claims set forth in the Complaint, and all material allegations of the Complaint save for those regarding jurisdiction and venue."
In its complaint, which it referred to the U.S. Department of Justice, the FTC said that Google falsely told Safari users that it wouldn't place tracking cookies on their devices or serve them targeted ads.
The FTC said that with this misrepresentation, Google violated an existing privacy settlement it had reached with the agency.
The settlement also requires that Google disable all tracking cookies it placed on affected users' computers.
"The record setting penalty in this matter sends a clear message to all companies under an FTC privacy order," said Jon Leibowitz, chairman of the FTC, in a statement.A "No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place."
According to the FTC, Google "for several months" in 2011 and 2012 placed tracking cookies on computers of Safari users when they visited sites in Google's DoubleClick ad network. Google had previously assured users that they would be exempt from such tracking and ad targeting because of the default settings in the Safari browser used in Macs, iPhones and iPads that block such cookies, the FTC said.
Instead, Google in many cases actively circumvented Safari's cookie-blocking settings in order to track these users, the FTC said.
The Center for Democracy and Technology praised the FTC's action, highlighting in particular that the agency moved quickly to address the issue and that in its complaint it faulted Google for acting in a way that the FTC said violates the code of conduct of the Network Advertising Initiative, to which Google belongs.
"This action demonstrates the FTC is a champion for consumer privacy rights," said Justin Brookman, CDT's Director of Consumer Privacy, in a statement.
A Google spokeswoman said via email that the FTC "is focused on a 2009 help center page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy." Google has now changed that page and "taken steps to remove the ad cookies, which collected no personal information, from Apple's browsers," she said.
The DOJ filed the complaint and proposed settlement on behalf of the FTC in U.S. District Court for the District of Northern California in San Jose this week. A The proposed consent decree is subject to court approval.
ConsumerWatchdog.org's Simpson said the organization is considering challenging the settlement by arguing that it doesn't serve the public interest if it doesn't include an admission of guilt from Google.
A similar view is shared by FTC Commissioner J. Thomas Rosch, the only one of five commissioners who voted against referring the complaint to the DOJ and approving the proposed settlement.
"There is no question in my mind that there is 'reason to believe' that Google is in contempt of a prior Commission order. However, I dissent from accepting this consent decree because it arguably cannot be concluded that the consent decree is in the public interest when it contains a denial of liability," Rosch wrote in a dissenting statement.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast Unmasking the Differences between Consumer and Enterprise File Sync & Share The consumerization of IT combined with the rapid pace of the modern mobile workplace is forcing enterprise IT teams to evaluate file sync...
- Live Webcast Government Agency Webifies Outdated COBOL Applications Let this CTO tell you how his agency converted 1980s-era green screens into an e-filing portal for the 100,000 cases handled each year...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the... All Applications White Papers | Webcasts