FTC Reportedly Fining Google $22.5 Million Over Safari Privacy Abuse

New submitter Slashbots writes "Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. It would be the largest settlement with the FTC over privacy-related charges ever. By abusing a privacy hole in Safari, Google circumvented user settings to show them advertising and track the user. 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole, Google had been able to avoid the block, as researchers discovered in February. It installed cookies and tracked Safari users across the Web to show them personalized ads.'"

Jail Time?

[war4peace]

This thing of "We do something illegal, you fine us, everyone's happy" must stop. Somebody must serve some nice jail time (not much, say 6-12 months) and then maybe such fucked up practices would diminish.
This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.

Re:

[GodfatherofSoul]

WTF was that you?!?

Re:

[war4peace]

Heh, was my evil twin, I swear! I'm innocent!

Re:Jail Time?

[ackthpt]

This thing of "We do something illegal, you fine us, everyone's happy" must stop. Somebody must serve some nice jail time (not much, say 6-12 months) and then maybe such fucked up practices would diminish.
This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.

Geez, you and your rational views. Don't you know the corporate veil protects all within? I mean, just because Corporations are People .. seriously, they're about as accountable for their crimes as an indigent doing to your house, what you describe. You're hosed, you won't get anywhere prosecuting them. The bank crisis made this painfully clear - so many little crimes done by committee, what can you do, put the committee in jail? Fines are about the only way to punish and usually only punishes those left behind, because the people who committed the actions are now off somewhere with their big bonuses.

I like the way they fine you in Germany .. it's based upon your ability to pay. It makes you really feel the pain. A rich guy gets drunk and drives across your lawn, he can be fined hundreds of thousands, because it's based upon his income or wealth, not some set, piddly amount. So we implement such a system and then pull back in the people who made these decisions and make them pay .. prevents making a mess and escaping, while others are left to clean up after you. Also encourages leaving your former place of business in good order, going concern looked after sorta thing.

Re:

[the eric conspiracy]

> Don't you know the corporate veil protects all within?

Actually it doesn't.

http://en.wikipedia.org/wiki/Piercing_the_corporate_veil#United_States [wikipedia.org]

Re:

[war4peace]

I agree to that view as well. But sometimes, prison time hurts more than even huge fines, because the person at the top is nowhere near used to that, nor do they expect anything like that to happen to them.
The prison time shock would likely be so great that top executives would turn to become completely honest for the rest of their lives. And even if not, it's worth giving it a try.

wrong question

[Anonymous Coward]

question is, why aren't they fining anyone else who did this? Google is not the only one. I suppose nobody realized Microsoft made the complaint while doing it themselves along with facebook? [zdnet.com]

Re:

[epine]

This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.

That why credit rating agencies were granted an exemption from prosecution for liability and slander, even if their files contain shit information, and they spread it around to anyone who asks, even after they've being pointedly informed that the information is false.

You underestimate the power of a black eye well deserved, which is almos

Re:

[Charliemopps]

well, you're off base. It's hard to jail a company. The problem here isn't the penalty being a fine... the problem is fining a company that's worth $185 Billion, $22 million. That'd be like fining your average person $5 to $10. It's not even a slap on the wrist. The fine should be a percentage of the businesses market cap plus all gross revenue generated by the offending activity. Fines in the neighborhood of a Billion dollars would have a more dramatic affect on operations I'd think.

Re:

[aztektum]

Not all like you suggest. In the case of someone breaking into your house and smearing shit all over, you have cost of clean up, replacement of items that were damaged beyond repair, etc.

What monetary cost did Safari users incur by Google's actions?

I don't disagree it was a shitty practice, but your analogy is flawed.

Re:

[war4peace]

I was expecting people to extract the essence of my analogy, not take it ad literam.

Re:

[shentino]

Thing is I think they only did it for people who already had a google account, and there's a very plain opt out mechanism.

Re:

[TheGratefulNet]

"we want the MONEY, lebowski!"

yeah, carpet pissers won't be deterred by fines.

Re:

[moeinvt]

The fact that companies like Barclays, Goldman Sachs, et al. have been fined millions when their criminal activity nets them BILLIONS makes it difficult for me to think jail time is appropriate for the Google employees in this case.

Is it up to the company serving web advertisements to respect the "intended" functionality of the browser as opposed to the "actual" functionality?

Hopefully you would refrain from shitting all over people's houses for free.

Re:

[war4peace]

My post wasn't aimed at Google specifically but rather all companies who mess up like this intentionally.

Re:

[StripedCow]

There are some downsides to jailtime, as others pointed out.

A better penalty may be a temporary sales ban. In the case of Google, I would say a good penalty would be to disconnect them from the internet for a week or so.

And of course, we adhere to the adagium: three strikes and you're out!

Re:

[Chrisq]

How do you imprison a corporation?

Seriously, a better punishment would be community service. If Google had to teach a certain number of man-years in IT lessons in public schools it would be a deterrent to Google and a benefit to education.

Re:

[vlm]

If Google had to teach a certain number of man-years in IT lessons in public schools it would be a deterrent to Google and a benefit to education.

OK, your punishment makes sense for the Mighty GOOG, but what if you wanted to punish Microsoft? Having them "teach" kids is just going to screw the kids up even worse. Also "real programmers" don't have degrees, but public schools require not just bachelors but masters legally to teach.

Now what would work, is using existing community service programs. The corp has to provide 200000 paid hours of recyclables sorting, soup kitchen labor, park and roadside cleanup labor, etc. Emphasis on paid hours. Most

Re:

[serviscope_minor]

Also "real programmers" don't have degrees,

Neither do true scotsmen.

Re:

[TheRaven64]

Also "real programmers" don't have degrees, but public schools require not just bachelors but masters legally to teach

Very few programmers I've met who work at Google had fewer than two degrees. I'm not sure where all of these 'real' programmers are working, but apparently not at Google.

Re:Jail Time?

[aristotle-dude]

How do you imprison a corporation?

The "buck" is supposed to stop with the CEO of the company so you imprison/fine the CEO and/or the C-level exec who signed off on the project personally.

Some exec should be seeing either a personal fine, jail time or both.

Designated Felon

[Aqualung812]

The EPA already attempts to do this using what has been termed the "designated felon".

The idea is that if there are severe environmental damages, the company has to have someone designated as the person that will do jail time. The idea is that this person is in charge of setting and enforcing the policies that will keep her out of jail.
It even allows someone that violates the policies to be the one that serves jail time. In other words, the DF says "you must do this", and if you ignore that, you do the time.

However, this isn't enforced as much as it should be, and I'm not aware of any other use of this idea outside EPA regulations.

Re:

[Daniel Dvorkin]

And at a guess, the DF is rarely the person who actually made the decision, but instead the one who implemented it. Solicitation is a crime in itself, as a guy whose name I happen to find interesting [suntimes.com] found out recently, but that legal principle seems to go out the window when corporate money is involved.

Re:

[Daniel Dvorkin]

Good point. Maybe I should put that link in my .sig line.

Re:

[Daniel Dvorkin]

How do you imprison a corporation?

"Corporations are people, my friend." Except when they're not. Convenient how that works.

Re:

[gstoddart]

How does a corporation have free speech rights?

Re:

[MickyTheIdiot]

If the CEO is important enough to get millions of dollars, then he is important enough to jail, though I would say it would be reserved for more grevious crimes.

Rick Scott, the idiot governor of Flordia, made himself rich off what was then the biggest medicare scam in history. He is a great example of someone who should of gotten personal jail time.

Re:

[MickyTheIdiot]

Oh, and as usual, we are forgetting that a Corporation is a creation of the state; if the state is so inclined it can take away its charter and make it illegal to do business in this country. Sure they just morph and reincorporate, but that brand name would be lost forever.

Re:

[vlm]

How do you imprison a corporation?

Has anyone ever tried (cost of imprisonment per year) * (number of officers, or number of employees).

Supposedly it costs $70K per prisoner per year (hmm, I bet it depends where and what security level) so 22.5 million is 321 person-years of prison. That seems a little excessive since you can kill someone and only get a decade or so... I'm not sure the GOOGs action is quite up to the mass murderer level.

It would make a hell of a lot more sense to give corporations probation, and charge them an amount of mon

Re:Jail Time?

[geminidomino]

Supposedly it costs $70K per prisoner per year (hmm, I bet it depends where and what security level) so 22.5 million is 321 person-years of prison. That seems a little excessive since you can kill someone and only get a decade or so...

Not excessive at all when you consider that no one actually has to do the time, live with the felony conviction, etc...

A better comparison might be:

Google 2011 Revenues (Income): 37,905,000,000
Fine: 22,500,000
Fine as % of Income: 0.06%

Compare to a "comfortable" person making $100K
Gross Income: 100,000
Fine @ 0.06%: $60

Yeah, somehow I don't think that's much of a disincentive there...

Re:

[postbigbang]

It was pocket change. This afternoon, they'll continue on their merry way, have lunch, fly in the corporate jets to some important location, and it will become history. No scar tissue.

It's the cost of doing business. Privacy? Google? It is their business model to invade your privacy, and sell you out like stool pigeon. Yet people pontificate them as a balance between Microsoft and Apple. Doesn't say much for the industry today, does it?

Re:

[sortadan]

How about actually punishing them for what they did. Everyone on this thread is going nuts trying to say that because on one browser they worked around a privacy setting (bad I know), they should all go to jail, especially the people that had nothing to do with it, and a large percent of their total revenue should be given over to a newly formed government agency dedicated to poking Google employees with sharp things.

How about the targeted ads that they showed affected users amounted to 2.25M revenue (pr

Re:

[geminidomino]

I wasn't pushing for "jail time" for anyone, involved or otherwise. I do think that, regardless of the revenue that the scam brought in, that less than 1 day's revenue is far too low. It's a disincentive to try this trick again, but not against dirty tricks in general.

Re:

[sortadan]

Didn't mean to say that you were calling for that, just a lot of the previous posts on this thread. Reading below I found a link to this EFF article from Feb [eff.org] which says in part:

This tracking, discovered by Stanford researcher Jonathan Mayer, was a technical side-effect—probably an unintended side-effect—of a system that Google built to pass social personalization information (like, “your friend Suzy +1'ed this ad about candy”) from the google.com domain to the doubleclick.net domain.

As a side note, Vanilla cookie extension for Chrome is awesome.

Re:

[TheGratefulNet]

shut them down, totally and entirely, for a period of time.

that will hurt more than anything. it gets right at what ceo's fear the worst: LOSS OF POWER, even if temporary.

some public shaming might also help. make them sing "I'm a little teapot!" on tv and have them be charged the airtime for it, too! (#include 'not_sure_if_serious.jpg')

Re:

[TheRaven64]

Google has 33,077 employees, so the cost of imprisoning Google for one year would be around $2.3bn. This fine is about 3.5 days in prison for Google at that rate.

Note, however, that you are looking at the cost to the state of putting someone in prison, not the cost to the person. People in prison don't earn anything, but still have many of their expenses (mortgage and insurance if they have a house, storage for their possessions if they don't). Google's annual revenue is almost $40bn, so the cost to t

Re:

[shentino]

And then you have an agency with an incentive to fine someone just to give their own budget a boost.

Better yet is to make all criminal and civil fines devoted to paying off the national debt.

Re:

[bill_mcgonigle]

How do you imprison a corporation?

you suspend their license to operate for a period of time.

Re:

[vlm]

How do you imprison a corporation?

There's X active employees around the time of the crime and that crime earns a Y month prison term if a mere citizen did it instead of a corp. There are practical issues with sending individuals to prison, but GOOG could hire/outsource A number of unemployed and/or homeless people to attend prison in their employees place for B months where X*Y = A*B and the monthly "wage" of attending prison as an honorary GOOG employee floats as a free market but never declines below 40 hours a week at minimum wage. "In

Re:

[future assassin]

You jail the person who came up with the idea. Just because you hide behind a corporation doesn't mean you are not liable if you do something that is against the law.

Re:

[Tough Love]

Make all the Googlers work out of Apple HQ for a week.

Re:

[Buccaneer Waggerstrm]

You freeze Google's assets and jail anyone involved. Problem solved.

Re:

[Savage-Rabbit]

And that punishes people who had nothing to do with. Again, ask the judicial system.

Screw jail time. All that accomplishes is that a few scapegoats go to jail while the rest of the cabal which inevitably escapes prosecution goes and buys new yachts to celebrate getting away with breaking the law. Do what was done here, fine them, except make the fine much bigger. Google shrugs off a $22 million fine, but I $2 billion would get their attention. The only time a corporation feels pain is when it looses money.

Re:

[war4peace]

How about both? CEO in jail (or at least one of the few directly reporting to him) AND a hefty fine, which is a % of yearly profit, starting from 10% and increasing by a fixed amount every time they are found guilty of something.

Re:

[Monoman]

People and corporations ned to be accountable. No more hiding behind a corporate identity. The fact is corporations are made up of people. People making decisions and people taking actions. The people that made the decision to break the law as well as those that did the law breaking should do jail time. The corporation should also be significantly punished (most likely monetary).

Re:

[tripleevenfall]

You can't just make up a number for a fine.

Re:

[Blrfl]

Really, it just puts the onus on employees to carefully vet the companies that make them offers. It's no different than going to work for a company with a shaky business model that collapses a year later. If you go to work for a company with a record of having been shut down for doing illegal things, you run the risk of them being recidivist.

Re:

[MachDelta]

More usefully, find who implemented it. Give them the standard mob options: 15 years, or 5 if you can prove you were just a grunt. Continue the chain until someone's getting 15 years.

Guilty until proven innocent on the grunt's part, eh? I suspect we would see a lot of grunts with tire tracks on their backsides.
Meanwhile, the "We're responsible for the company until we're not responsible for the company" CxO's would still swim in champagne, ski in cocaine and float about on the breeze in their golden parachutes.

Re:

[SuricouRaven]

The Pointy-Haired Boss explained the problem with this: "Credit travels upwards, blame travels downwards. That's just the way it works."

Re:

[MickyTheIdiot]

Every time the corporate anarchists have to come out to play.

Re:

[Savage-Rabbit]

Because of that fine, Apple will have to use the cheap toilet paper for a whole DAY! YOU try to develop with a sore anus!

Umm, Google was the company that ignored the settings on Apple's browser. Google is being fined, not Apple.

Do you lack the ability to comprehend simple sentences, or is your hatred of Apple the issue? ::sigh::

I's called a 'Freudian slip [wikipedia.org]'.

Re:

[war4peace]

I know. That's why I'm writing on Slashdot instead of lobbying for it out there on the streets :)

Re:

[war4peace]

The Privacy settings ARE doing their job... to some extent. If you find a loophole that obviously wan't intended to be there, you report it rather than exploit it. If I find out that the online banking solution that I use allows me to circumvent it to fill my coffers and I do that, it's a felony, regardless whether their implementation is buggy or not.

Okay, I'm glad to see this, but ...

[Daniel Dvorkin]

... like most corporate fines, the number seems absurdly low. $22.5 million is about 0.06% (not 6%, 0.06%, six hundredths of a percent) of Google's 2011 revenue. This would be equivalent to fining the average person about twenty bucks, which isn't much of a deterrent when there's serious money to be made by breaking the rules. Until fines for these kinds of violations at least come close to matching the potential profit, the behavior isn't going to change.

Re:

[nedlohs]

You're mixing two different things. Either the fine should be based on income in order to make the punishment be of similar "pain", in which case that it can make "serious money" is irrelevant. Or the fine should be based on how much money can be made by breaking the rules, in which case the income of the rule breaker is irrelevant. Or some combination (just you can have both a compensatory and a punitive damages award) of course, but arguing for the former based on the later makes no sense.

If breaking the

Re:

[DragonWriter]

... like most corporate fines, the number seems absurdly low.

Its actually not a fine, its a settlement without admission of wrongdoing. An actual fine would require the FTC to prove that Google had done something for which it could be fined, which would have involved more public expense at greater risk. (If they had a really strong case, they would have held out for at least a settlement with an admission of wrongdoing, since when finalized such a settlement would have greater value in future proceedings.)

Re:Okay, I'm glad to see this, but ...

[timeOday]

This is all so arbitrary. Oddly enough google's fine of $22.5 million is exactly 1000 times the fine of $22,500 [wikipedia.org] that US courts recently upheld as a reasonable fine for pirating songs - that's per song. So if we held "stealing" a user's surfing habits to be equivalent to "stealing" a copy of a song, google's fine would only cover the first 1000 affected users.

Re:

[Tough Love]

... like most corporate fines, the number seems absurdly low.

Commensurate with the offense.

Apple: "The pOwed our thingy!"

Government: "You pOwed their thingy!"

Google: "We didn't know and we didn't mean to. It was an intern."

Government: "You are fined. Now you know."

Re:

[MachDelta]

"Google slashes 10% of workforce in order to recoup costs from fines to keep shareholders happy"

Shit, like water, always runs downhill.

Re:

[jo_ham]

Actually yes, I use it all the time. I have Safari and Chrome as my two main browsers (used to be Safari and Firefox).

Yes, it ships on OS X and I know a fair few Mac users who don't use it (and they all seem to universally use Chrome instead), but Safari is actually not a terrible browser (on the Mac - I cannot speak to the Windows version), so people who use it tend to see no reason to change.

Illegal?

[Bigby]

Is this illegal because of the DMCA? It is very common for people and companies to circumvent application security. It is usually up to the application to secure itself.

Does this mean that I could sue someone for using some form of XRay glasses? Because my clothes are supposed to prevent people from seeing me naked...

Re:

[Shompol]

...someone like TSA. They finally installed naked scanners in JFK. I am not even sure if i can opt out, or if i should.

Re:

[Shompol]

Grammar Nazi strikes again! It is because of people like you that we delay the orxogrefkl riform, and wi dont hev a lojikl, kohirnt speling in ius xrewawt xe Ingliy-spiking werld [caltech.edu]

Re:Illegal?

[msauve]

No. It wasn't any sort of active attempt at hacking. It wasn't breaking any encryption. Even the EFF [eff.org] admits it was probably unintended.

Saying Google "used a loophole" is just a loaded way of saying Safari had a bug. The technique had been known for at least two years [wsj.com], and was used by companies other than Google.

Re:

[gl4ss]

look, if you find a loophole in say a forums code and start using that to host your files, you're pretty much going to get hosed in court for that even if it didn't include hacking and was just working as intended, while you were using the service in unintented fashion.

why should a corp be different?

Re:

[msauve]

Since when is a browser a website?

Re:

[Raenex]

The browser runs on my computer. If I hosted a site that hacked into your computer when you browsed it, by all accounts, legally and ethically, I should be held liable for computer fraud and abuse.

Re:

[msauve]

Nothing about the cookies Google placed had anything remotely to do with hacking or computer abuse or fraud.

Re:

[Baloroth]

It probably wasn't illegal. Google just realized it would be easier to pay up-front than get involved in a legal dispute over who did what when that would drag out and be all over the news for the next month with headlines like "Did Google Hack Apple Products?" Which you know would happen.

Re:

[SuricouRaven]

The DMCA only applies to security measures intended to restrict access to copyright-protected works. It doesn't apply to security in general.

Not a sentence

[k(wi)r(kipedia)]

Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. Google, the largest settlement with FTC over privacy related charges ever.

The part that begins with "Google, the largest settlement" isn't a sentence. Either it's missing a verb or it's a wrongly split part of the first sentence: "Google will settle with the FTC for nearly $22.5 million, the largest settlement with the FTC over privacy-related charges."

Re:

[NoNonAlphaCharsHere]

Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. Google, [????] the largest settlement with [the] FTC over privacy related charges ever. By abusing [a] privacy hole in Safari, Google circumvented user settings to show them [the user settings] advertising and track the users, 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole[^Wvulnerability], Google had been able to avoid[^Wcircumvent

To Google, that is 'chump change'...

[bogaboga]

...and will be taken as the a cost of doing business. Nuf said.

Re:

[Tough Love]

I think you're talking about Microsoft. Google is not nearly that far gone... they can still be shamed into doing the right thing.

Re:

[Tough Love]

Suck a dick, cock faggot. Could we have one article without some shit sack like yourself playing the MS card? Fucking die.

Hi Steve, Is that you?

Marvelous!

[multicoregeneral]

The FTC should be on top of this stuff. But 22 million dollars is nothing for Google. They make that in about ten minutes.

So Safari's privacy setting doesn't work as

[Scyber]

it is supposed to and Google gets fined? Shouldn't Apple also get fined? Submitting hidden forms is not an unknown concept in web development. Its not like Google hacked the users computer and changed the Safari settings. The settings were broken if they didn't block this. I'm not saying I agree with what Google was doing, I just think there were some serious issues with Safari's privacy settings if they allowed this in the first place.

I also don't think Google is the only company doing this. I actually had an interview with an ad company a few months back where they actually bragged about how they could track Safari users despite the default privacy settings. I never followed up on it, but I'd imagine it is something similar. I didn't take the job (for other reasons).

Re:

[Flipao]

Well maybe others were doing it but Google did get caught red handed.

Re:So Safari's privacy setting doesn't work as

[gnasher719]

it is supposed to and Google gets fined? Shouldn't Apple also get fined?

You go to jail for burglary. You don't go to jail for selling locks that a highly experienced burglar can open. Apple did provide security against Random J. Hacker, they just didn't provide enough security against a multi billion dollar company working hard to break the security.

I bet if you built a safe then Google could find someone who manages to open it as well.

Re:

[Scyber]

You would be fined if you sold locks that were advertised as "Blocking all burglars" and they didn't.

And don't think what google did was that innovative. As other articles linked in these comments show, this methodology is used by at least a half dozen other ad firms. The fact that form submissions get around the 3rd party blocking rules is something that was discussed in webkits bug tracking system in 2010 and is publicly available. Apple employees even commented on the policy and seemed to be ok

Re:

[Tough Love]

they just didn't provide enough security against a multi billion dollar company working hard to break the security

I do believe you're exaggerating the difficulty of setting an evil Safari cookie.

Re:

[moeinvt]

Putting cookies on people's computers is hardly analogous to stealing stuff from people's house.

This is more like Apple building an invisibility cloak (i-Cloak?) and then fining Google because they're able to see you and follow you around.

Re:

[jo_ham]

If a thief breaks into your house should you be fined because your door was too easy to open?

The attempts to justify Google's actions on slashdot over this whole affair have been staggering.

They did something they weren't supposed to, and are now facing the consequences. Sometimes that happens

Re:

[jo_ham]

If a thief breaks into your house with an armed security system that the criminal just presses the off button without entering in an unlock code, is the alarm company ALSO at fault for providing a false sense of security (and possible liability)?

Presumably, yes, but that's not what Safari does. It had an exploitable hole (like, an easy to bypass alarm system, for example), and Google exploited it. It's not the first piece of software with security holes, it won't be the last.

Lauren Weinsteins explanation

[IamTheRealMike]

This article has an interesting writeup of what happened, for those who are interested in the details [vortex.com].

don't be evil

[circletimessquare]

i mean, er, don't be really evil*

*we made need to add another really in there at some point

Government's Role in "Internet Freedom"

[eldavojohn]

After seeing how Slashdot reacted to Ron Paul realigning his priorities [slashdot.org], I think it's worth noting that "internet freedom" means taking the bad with the good. On the one hand, everyone noticed that SOPA would be an impossibility with the Pauls' new proposition. On the other hand, fines like these or even investigations to what Google or Safari or users are doing on the internet would be completely outside of the government's jurisdiction and as such would requires users to punish Google for these Safari abuses. And it is my opinion that the free market would not only care little about such an issue but be powerless to stop the largest online search provider.

So remember when you get excited about things like:

The manifesto, obtained yesterday by BuzzFeed, is titled "The Technology Revolution" and lays out an argument — in doomsday tones —for keeping the government entirely out of regulating anything online, and for leaving the private sector to shape the new online space.

You need to consider this story and how the private sector will abuse privacy left and right if it drives up revenues. With not even a public slap on the wrist from the government, you are faced with individuals playing a PR campaign against massive corporations. That rarely ends well for the individuals and the users.

Re:

[Bigby]

The people won't think twice because we don't really care. It is a freakin' cookie. Just because you and some others don't like it, doesn't mean it should be enforced by a government.

I swear we are going to wind up with laws that prevent a person from staring at someone for more than 10 seconds. It will be punishable with community service, which will be to clean the parking lot of some major private corporation.

What about everyone else?

[Col. Klink (retired)]

Google wasn't the only one using this widely publicized bug in Safari? According to the original WSJ [wsj.com] article:

The coding also has a role in some Facebook games and "apps"---particularly if the app wants to store a user's login information or game scores. In fact, a corporate Facebook page for app developers called "Best Practices" includes a link to Mr. Garg's blog post.

So, how large of a fine is Facebook going to pay?

Re:

[Col. Klink (retired)]

> The thing was, Google was already under an FCC settlement because of violating privacy policies in the past

Uh huh. And so is Facebook:

http://www.ftc.gov/os/caselist/0923184/111129facebookagree.pdf [ftc.gov]

From the opposite perspective

[avandesande]

If you reverse things this is like a person getting fined because they purposely accessed information on a public web server that was exposed by accident.

Reminder to Google

[moeinvt]

It's an election year. Better pay up on your protection money *cough* "campaign contributions" sometime between now and November.

Re:

[shentino]

http://www.google.com/policies/privacy/ads/ [google.com]

Google account opt out?

[shentino]

Wasn't there something about an opt out/opt in setting on your google account for off-site tracking?

I think here the FTC just wanted an excuse to fine GOOG.

I think people are just surprised google was able to track them on an iphone, whether or not they consented to it or not.

Individual users can sue

[k(wi)r(kipedia)]

Or file a class-action suit if they feel it's worth a damn. The FTC ruling is more of a regulatory move. The FTC isn't a court, and so you won't see the fabulous sums bandied about in law suits.

Re:

[0racle]

The intended effect would be that Google stops doing that.

Personally, I'm not going to hold my breath.

Re:

[b5bartender]

Why is it so hard for Google to remember?

Re:

[Swampash]

Because Google seems unable to remember it either?

Re:

[Calibax]

No, Google is being fined for taking advantage of a bug in Apple's software to make money, rather than reporting the issue to Apple so they could fix it. Heck, there's even a menu item in Safari to "Report bugs to Apple..." You seem to be blaming the victim for the poor choices of the person taking advantage of them - if someone accidentally leaves a window unlocked that doesn't translate into a right to burgle the house.

Unethical is one way to describe Google's behavior. Another way to describe it is c

Re:

[Old97]

And if you don't have good locks on your front door or if you leave a window open then whomever steals all your stuff shouldn't be prosecuted. They can keep your stuff as well.