Google settles Safari user tracking case, will pay $17 million
Posted on 19 November 2013.
A settlement has been reached to end the lawsuit filed by 37 US states and the District of Columbia against Google because the Internet giant has been found bypassing Safariís privacy settings and using cookies to track usersí browsing in order to deliver personalized ads.

Google is to pay $17 million to the states and the district, and has agreed to:
  • Stop using code to override a browserís cookie-blocking settings and to stop placing cookies on a browser without the usersí consent (except when it comes to dealing with security, fraud or technical issues);
  • Avoid misrepresenting information provided to consumers about how they can use Google products to control the ads they see (or omitting such information altogether)
  • Maintain for five years a standalone page on the domain dedicated to explaining what cookies are, how to manage them, and how Google uses them
  • Maintain systems configured to instruct Safari browsers to expire any Cookie placed from the domain by Google through February 15, 2012 (with the exception of the DoubleClick opt-out cookie).
The interesting part of the settlement is that Google hasnít and wasnít required to admit any wrongdoing or violation of law.

The same thing happened when last year Google settled the same charges with the FTC, and was required to pay $22.5 million. At the time - as it does now - Google claimed that they didnít do it on purpose, and that because of a particular operation of the Safari browser, that initial temporary cookie from the DoubleClick domain opened the door to all cookies from it, including the Google advertising tracking cookie that Google said would be blocked from Safari browsers.

A little over a month ago, a class action suit raised against Google by Safari users for the same reason has ended well for Google as the judge ruled that the plaintiffs hadnít proved that they had been harmed by the action or that Google had violated their rights, and dismissed the suit.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th