FTC Levies $22.5 Million Fine on Google for Privacy Violations
Google will pay a $22.5 million civil penalty to the Federal Trade Commission as settlement for charges related to tracking users of Apple's Safari browser. The fine is the largest ever imposed by the FTC for violation of one of its orders.
'A Clear Message'
FTC Chairman Jon Leibowitz said in a statement that the "record setting penalty in this matter sends a clear message to all companies under an FTC privacy order." He added that every company, "no matter how big or small," must abide by the FTC orders and their "privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place."
The FTC had charged that Google installed an advertising tracking cookie on the computers of Safari users over several months in 2011 and 2012. The users had visited sites that employ Google's DoubleClick advertising network. Previously, Google's policy had been that those users could automatically opt out of this kind of tracking, through the use of default settings in the Safari browser.
The agency contended Google informed Safari users that, as long as they did not change the default "Do Not Track" setting in the browser, the cookies would not be installed. Google is also a member of an industry network group, called the Network Advertising Initiative, which requires its member to police themselves and to disclose their data collection and use policies.
October 2011 Settlement
The FTC order that the agency said was violated was its October 2011 settlement with Google, which extends for 20 years. Its terms include provisions that prevent the technology company from misrepresenting the degree of control that consumers might have over their personal information. That settlement was primarily the result of charges that Google had used deceptive tactics and violated its own privacy promises in the launch of the now-defunct Buzz social network.
When set, Do Not Track is supposed to prevent cookies, or small tracking files, from being deposited on a user's computer by Web sites that have been visited. Tracking via cookies is widely used by advertising networks and some sites, in order to better accumulate data about the behavioral profiles of site visitors and to better target ads.
In February, The Wall Street Journal reported that Google was tracking Safari users who had selected Do Not Track, a fact which had originally been discovered by a researcher. The technology giant said it discontinued the practice after the Journal story appeared.
'Known Safari Functionality'
A Google Help page, which had said that Safari users could avoid tracking by utilizing Do Not Track, was taken down at about the same time. Google has said that the page was posted in 2009, before Apple modified the way Safari manages cookies.
According to the Journal, Google code had allowed it to avoid Safari's privacy setting by exploiting what the technology company has called "a known Safari functionality," in order to install cookies that aided in the display of ads with a +1 button. The +1 button, a tie-in to the Google+ social network, was designed to allow viewers to indicate they liked the ad by clicking the button. But clicking the button also allowed additional cookies to be installed, and thus wider tracking to occur.
Google has said that the +1 ads were intended to add value for users who were also logged in to the Google+ network. It also has contended that the depositing of additional cookies after the +1 button was clicked was a mistake, and that, at any rate, none of the cookies captured individually identifiable information.