Google is to pay $17 million to the states and the district, and has agreed to:
- Stop using code to override a browser’s cookie-blocking settings and to stop placing cookies on a browser without the users’ consent (except when it comes to dealing with security, fraud or technical issues);
- Avoid misrepresenting information provided to consumers about how they can use Google products to control the ads they see (or omitting such information altogether)
- Maintain for five years a standalone page on the Google.com domain dedicated to explaining what cookies are, how to manage them, and how Google uses them
- Maintain systems configured to instruct Safari browsers to expire any Cookie placed from the doubleclick.net domain by Google through February 15, 2012 (with the exception of the DoubleClick opt-out cookie).
The same thing happened when last year Google settled the same charges with the FTC, and was required to pay $22.5 million. At the time - as it does now - Google claimed that they didn’t do it on purpose, and that because of a particular operation of the Safari browser, that initial temporary cookie from the DoubleClick domain opened the door to all cookies from it, including the Google advertising tracking cookie that Google said would be blocked from Safari browsers.
A little over a month ago, a class action suit raised against Google by Safari users for the same reason has ended well for Google as the judge ruled that the plaintiffs hadn’t proved that they had been harmed by the action or that Google had violated their rights, and dismissed the suit.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.