Google Fined $22.5M Over Safari Privacy Violation

wiredmikey writes "The US Federal Trade Commission fined Google $22.5 million for violating the privacy of people who used rival Apple's Safari web browser even after pledging not to do so. The FTC said Google had agreed with the commission in October 2011 not to place tracking cookies on or deliver targeted ads to Safari users, but then went ahead and did so. 'For several months in 2011 and 2012, Google placed a certain advertising tracking cookie on the computers of Safari users who visited sites within Google's DoubleClick advertising network,' the FTC said in a statement. 'Google had previously told these users they would automatically be opted out of such tracking.' While Google agreed to the fine, it did NOT admit it had violated the earlier agreement."

Re:

[RaceProUK]

The CEO just stuck his hand down the back of the couch in his office.

Re:

[guruevi]

That's a minor fine, a little higher than a parking ticket and lower than a speeding ticket for us average people (.06%)

hmmm...

[slashmydots]

Now if only they'd fine Apple for installing Safari as a trojan semi-silently in the background while calling it an iTunes update on the surface. That's illegal about a dozen different ways.

Re:

[Desler]

Semi-silently? The text explicitly tells you it's installing Safari and gives you a checkbox to not install it. What exactly is illegal?

Re:hmmm...

[slashmydots]

The titlebar of the update app saying "iTunes Software Updates." That isn't what it is.

No, it says "Apple Software Update"

[kiwimate]

"Semi-silently"? What, kind of like a stealth aircraft that, umm, isn't really particularly stealthy?

The dialog is clearly split - top half, iTunes, bottom half, other stuff. I uncheck it. It clearly states, right up front, that it's optional. Easy.

And the titlebar at this point says "Apple Software Update". Once you choose to go ahead and install iTunes, then it will say iTunes updates, which I think sounds alarmingly sensible, quite honestly.

iTunes is a dreadful, dreadful piece of software on Windows. But

Re:

[Anonymous Coward]

That how it works AFTER people complained. Originally Safari was in the same box as iTunes and checked by default. Like this:

http://blog.gordaen.com/wp-content/uploads/2008/03/quicktime_update2.jpg

Re:

[Plumpaquatsch]

That how it works AFTER people complained. Originally Safari was in the same box as iTunes and checked by default. Like this:

http://blog.gordaen.com/wp-content/uploads/2008/03/quicktime_update2.jpg

But unlike for the third party crap that seems to be installed now with every updater (*) on Windows, by default it is disabled for quite some time now.

(*) the checkbox is always hidden in the graphics of the second to last pop-up window of the installer, or on the webpage somewhere far from the install-button. Adobe updates, Java updates, even WinSCP (IIRC) updates try to force some third-party dreck on me.

Re:

[RaceProUK]

You must be using the wrong updaters - neither Adobe nor Java attempt to install third party shite. Not the ones I've used anyway.

Re:

[RaceProUK]

Musta missed that update. Either that, or I auto-unchecked the box without really noticing what it was exactly.

Re:

[Plumpaquatsch]

The titlebar of the update app saying "iTunes Software Updates." That isn't what it is.

AFAIK the program has always been called "Apple Software Update". And the the checkbox to install Safari has been disabled by default for over three years now.

Not that it matters now that Safari for Windows is dead.

Re:

[gagol]

That is the reason iTunes got out of my computers aeons ago.

Re:

[Anonymous Coward]

You mean the checkbox in plain sight that you can simply un-check, and not install Safari? I'm not sure how that is a trojan or semi-silent or in the background.

Google installs the auto-update spyware with Earth without any option to disable it, unless you know to get the "advanced" installer. Now that is a trojan! Removing the updater is not exactly easy either.

Re:hmmm...

[Teckla]

You mean the checkbox in plain sight that you can simply un-check, and not install Safari?

You know, I always used to look down on people the same way you are now. For years and years.

Until, one fateful day, I did not pay enough attention to an Adobe Reader update. It installed Google Chrome. I guess I missed an opt-out checkbox somewhere along the way. (Unless it was a 100% stealth install? I guess that's possible.)

Ever since that happened, I no longer look down on people the same way like that. I think an out-opt default, when we are talking about installing brand new software (not updates), is just plain wrong for companies to do. In my opinion, new software installs should always be opt-in.

It's just the right thing to do.

Re:

[mcgrew]

It's just the right thing to do.

Which doesn't matter a bit to the sociopaths that run these big corporations.

Re:

[shentino]

The right thing to do is not to test our diligence.

We are consumers, not QA.

Re:

[Kergan]

Meh, this is slashdot! It would be a dead site if not for Apple/Google flame warriors.

Re:

[slashmydots]

I'm not too thrilled with either of them. Does that make me an independent? lol. You seem to have forgotten that...when God created the Earth, he did not intend for people to argue over which company was better :-P Aaaaand cue Flame WWIII.

Re:

[TheRaven64]

There are lots of stories when it's on-topic to post about Apple's wrongdoings. This story is for posting about Google's. Let's not be partisan here, we can spend enough time flaming both. And probably even Microsoft if they ever manage to do something relevant again...

Re:

[Ash Vince]

There are lots of stories when it's on-topic to post about Apple's wrongdoings. This story is for posting about Google's. Let's not be partisan here, we can spend enough time flaming both. And probably even Microsoft if they ever manage to do something relevant again...

Actually, Apple does have a part to play in this too. They chose to select a default setting under the guise of "protecting users privacy" that was actually more about hurting a competitor. Microsoft have just done exactly the same thing. Neither of these two companies give two shits about users privacy, they just want to hurt Google by any means necessary. Apple just love tracking users on the iphone in application adverts, I recall. Microsoft will probably build some sort of tracking crap or something int

Re:

[Plumpaquatsch]

Congratulations! I knew some Google fanboy would try and turn this thread about Google wrongdoing into a rant about how Apple is in the wrong for dumping Safari on everyone - despite not doing that for over three years now.

Re:

[cpu6502]

It isn't illegal if they tell you Safari is also being installed. Software companies have been doing this stuff for over a decade now. (Maybe Apple will let us download the whole OS X too. That would be sweet.)

Re:

[slashmydots]

if Ford put in a GPS tracking device in your car but called it an update/recall despite it having nothing to do with the operation of the product they sold you, they'd be arrested.

Re:

[JoelKatz]

It's a bit bogus to compare something that breaks US law to something that doesn't break US law.

Re:

[__aaltlg1547]

Unless they asked your permission and only installed the GPS after you authorized it -- like Apple did.

Re:

[Truedat]

Yep, because that's the story here, right?

Re:

[DragonWriter]

Google's profit is in the billions! How exactly is 22.5 million justice?

Well, given the contribution of what was alleged to Google's profits, the $22.5 million is probably way too much for any kind of justice. But that's pretty much beside the point when it comes to an out of court settlement. What it is probably more relevant is that it is both:

• more than (the net amount the FTC would be likely to make stick through administrative process and appeals) times (the probability of the FTC prevailing) minus (th

Re:

[__aaltlg1547]

Funny how only corporations get offered deals like that.

Re:

[BronsCon]

RIAA Vict^H^H^H^H^H^H^H^H^HMusic pirates get similar offers, actually.

Re:

[DragonWriter]

Funny how only corporations get offered deals like that.

In reality, settlements where the paying party doesn't admit guilt are reasonably common in civil cases regardless of whether the parties are individuals or corporations.

Of course, the cases that make the news are big money cases, and those skew disproportionately toward corporations-as-parties independently of whether they go to trial or are settled.

(And FTC actions, specifically, skew toward corporations because of their area of jurisdiction, regardl

Re:

[__aaltlg1547]

But this was a criminal case.

Not admitting?

[wealthychef]

Only a lawyer can imagine a world where a person agrees to paying a 22.5 million dollar fine and then can seriously claim they did nothing wrong.

Re:Not admitting?

[Anonymous Coward]

Only a lawyer can imagine a world where a person agrees to paying a 22.5 million dollar fine and then can seriously claim they did nothing wrong.

Not only did lawyers imagine such a world, they have created it. How many times do you hear of a company that gets bullied by a larger company and agrees to pay money to make the bully go away--even when the smaller company is clearly in the right--because paying the bully to go away is less expensive than fighting and winning against it in court?

Re:

[Kergan]

The thought of Google paying Apple to make it stop bullying it gave me a good laugh.

Re:

[DragonWriter]

The thought of Google paying Apple to make it stop bullying it gave me a good laugh.

Either this is posted in the wrong thread, or you have confused Apple with the US Government, which was the party with whom Google settled in this case.

Re:

[John Jorsett]

How many times do you hear of a company that gets bullied by a larger company and agrees to pay money to make the bully go away--even when the smaller company is clearly in the right--because paying the bully to go away is less expensive than fighting and winning against it in court?

Not just among companies, either. California has a litigation industry built around demanding settlements from small businesses under the Americans With Disabilities Act. Give them $5K and they'll go away. Fight it and it'll cost you several times that. So most of them settle, even when the alleged infraction is a crock. There was one case locally where a law firm wrote demand letters to every business in a small town near San Diego, at least some of which it could be proven the plaintiff could not possibly

Re:

[__aaltlg1547]

Not in a game-theoretic analysis.

Re:

[Lando]

President doesn't make laws, typically. Congress does and since most candidates running for office are lawyers, I don't think there is much choice since you can either vote for member A or B, throw you vote away on C or not vote. Biggest issue I see is no accountability by our elected officials, but that's a different issue.

Re:

[mcgrew]

I don't think there is much choice since you can either vote for member A or B, throw you vote away on C or not vote.

That "throw your vote away" is bovine manure. If that were true, then anyone in Illinois who votes for anybody but Obama is throwing his vote away, because Obama has Illinois sewn up and will win here by a landslide. By the "voting for a loser is throwing your vote away" metric, there's no reason for anyone from Illinois to even bother voting.

I consider "throwing your vote away" to be voting

Re:

[Lando]

Right now there is no way anyone other than one of the two majority parties could be elected. I admit that should a third party candidate even pull in 10% of the vote, there might be a shift in politics, but since I can't see any third party politician getting even 2% of the vote, not voting is the same as voting for a third party politician. I don't see how anyone voting against Obama in Illinois does any good, there is no second place. I believe NH may have proportional voting, but I don't believe Il

Re:

[mcgrew]

I mean what do you accomplish by voting for someone else?

Not having you counted as either being in favor the D and R policies, or being counted as apathetic. It's a vote for "none of the above." If enough non-voters did this, things would change.

Re:

[Lando]

Sure, if enough voters did that, things might change. I stipulated above if 5% or 10% of the population did this, there would be possible change, but as it stands, this doesn't happen. Your contention was that a vote for someone else was not a wasted vote. Are you now stipulating that it's a wasted vote unless enough people vote this way? If so, it doesn't seem to conflict with my previous statement and yet you were saying I was completely wrong.

Re:

[mcgrew]

No vote is wasted, period. Even a vote for Mickey Mouse is a vote for "none of the above". I guess everyone who voted for McCain wasted their votes?

Re:

[Lando]

Wow, apparently you can't make a rational argument since your not bothering to respond to my comments. It's apparent that you don't feel it's worth your time to read and respond to what I am saying, so I'll move on. Thanks for the conversation, sorry I was too stupid to realize you were just wasting my time.

Re:

[cpu6502]

It's called a settlement, which saves the court's time-and-energy avoiding a long battle. 11 years ago the CD Cartel (record companies) did the same thing when they agreed to refund $25 to all 1990-to-2001 CD purchasers, in order to end the litigation immediately. They also admitted no wrongdoing.

Google does no evil

[Yakasha]

But remember, evil is subjective.

Re:

[Anonymous Coward]

Google does no evil is a declarative statement, not a descriptive one. If Google does it, it wasn't evil.

Re:

[cpu6502]

>>>If Google does it, it wasn't evil.

Sounds like our drone policy. Or Richard Nixon. "If the dead person was in the combat area, he or she is not an innocent victim. They are terrorists. Therefore we have a zero civilian casualty rate." Even the little kids were terrorists? "Yes."

"If the president does it, it's not a crime." - Nixon.

Re:

[mcgrew]

Do you have a citation for that? Because I don't think I'd ever heard the word "terrorist" until Clinton was in office. And there were no drones when Nixon was in office (at least nobody was supposed to know about them; they were classified then).

The day I got home from SEA, the headlines were screaming "NIXON RESIGNS!!!" so it's not like I wasn't around back then. In that time period it was communists, not terrorists, that were the bugaboo.

Google does no evil *

[93 Escort Wagon]

* For sufficiently narrow definitions of "evil".

Re:

[Twinbee]

Also there are grey shades.

Re:

[TheRaven64]

That's not the (unofficial) motto. The actual phrasing is 'don't be evil'. The crusaders and many other groups before and after committed atrocities that were fine because they weren't evil, they were just doing evil things in the cause of good. On a more mundane scale, it's easy to say that you do more good than evil and therefore you aren't being evil. Do no evil is a much stronger requirement than don't be evil.

IE 10 potential fine?

[Billly Gates]

Yesterday, it was posted that IE 10 will have Do Not Track by default turned on [slashdot.org] by default.

Does that mean Google can be fined if it ignores the users' request for the Do Not Track? What is the difference between this and Safari? I wonder because the comments in that story suggested that website operators can use it an an opt in and ignore it otherwise. I wonder if it would then be a liability to do so?

Re:

[slashmydots]

I don't think Google "said" they would honor it. I think they actually said they wouldn't. They're being sued over the Safari thing because they said they wouldn't track people using it then did anyway. So mostly the fine is for lying, not the tracking.

Re:

[JoelKatz]

Right, but they said they wouldn't because EU law required them to -- a law that would be unconstitutional (violating the first Amendment) if it was a US law. So why is the US enforcing such a law?

As a somewhat absurd hypothetical, consider if Iran passed a law that a company can't do business with Iran if they hire any Jews. Some company really wants to do business with Iran, so as Iranian law requires, they say they won't hire any Jews. Then the United States government gets a tip that this company has hi

Re:IE 10 potential fine?

[tooyoung]

No, Google is not being sued for lying. They are being sued for purposely circumventing a privacy control via what could be called a hack. Now, you can blame Apple for the fact that this hack was possible, but do you not blame the party who purposely circumvented the mechanism? If I can find a way to circumvent your computer's security mechanism, would you only blame the OS manufacturer, or would you be upset that I broke in?

Re:

[Kilz]

No, Google is not being sued for lying. They are being sued for purposely circumventing a privacy control via what could be called a hack. Now, you can blame Apple for the fact that this hack was possible, but do you not blame the party who purposely circumvented the mechanism? If I can find a way to circumvent your computer's security mechanism, would you only blame the OS manufacturer, or would you be upset that I broke in?

The problem is that Webkit, the engine that Safari uses, told people how to do this in a bug report. Google didnt "hack" anything, the developers placed the ability to do it in the code.

https://bugs.webkit.org/show_bug.cgi?id=35824 [webkit.org]

Re:

[DJRumpy]

Because the Safari settings wasn't just 'asking' not to be tracked, but rather was supposed to prevent cookies from being placed by 3rd parties (essentially web sites you hadn't directly visited). What google did was to simulate a fake form submission to this third party site in order to set a cookie.

Not similar at all to the honor system 'do not track' setting.

Re:

[Ash Vince]

Because the Safari settings wasn't just 'asking' not to be tracked, but rather was supposed to prevent cookies from being placed by 3rd parties (essentially web sites you hadn't directly visited). What google did was to simulate a fake form submission to this third party site in order to set a cookie.

Not similar at all to the honor system 'do not track' setting.

Some AC in this thread has posted that google only did this when the user had a Google and account and had ticked the box saying there did not mind being tracked. If that is true it does make things slightly less clear cut as to their wrong doing, especially being that Apple just blindly applied this setting to every users broswer with asking them.

I have to admit though, I knew they did this as it broke the website I work on and it caused me a whole shit load of hassle so I am very biased. We provide an ele

Re:

[DJRumpy]

If such was the case, the proper corse from google would have been to notify the user so they could visit the third party site, or inform them how to disable the setting. Hacking around it and as a result forcing all users to be tracked isn't a good answer.

The easy fix would to be a button the user could click to submit a real user initiated form to the site in question, hence no longer making it a 3rd Party Site :)

Business as usual

[TubeSteak]

Step 1: Get caught doing something shitty
Step 2: Promise to the regulators that it won't happen again
GO TO Step 1

Re:

[TDUdude]

Don't forget the other 2 steps. After your step one but in the mix somewhere would be: > Make $200 million ... or billion > Pay $22.5 million in fines > Count the money while laughing all the way to the bank hoping for another gov fine deal like that again!! YEAH!!! GO TO Step one again? ;-)

Re:

[TheRaven64]

While $22.5m isn't much in comparison to Google's total profits, I wouldn't be surprised if it's more than they made as a result of this particular issue. It only affected users who use Safari, have a Google account, and have the privacy setting enabled, and even then it only allows them to collect marginally more data than normal, so it's not clear how valuable that extra data is. That said, a perhaps more fitting punishment would have been to require them to delete all personally identifying information

What is so special about Safari users?

[epp_b]

What is so special about Safari users that would entitle them to be treated any differently than users of any other browser?

Re:

[slashmydots]

The fact that (TFA quote): "Google had previously told these users they would automatically be opted out of such tracking." Actually that's from TF summary.

Google's side of the story

[MindlessAutomata]

I don't remember the details, but wasn't this a little more nuanced then just Google straight-up lying?

Also, and I'm not trying to defend Google if they did lie about this or whatever, but I think a lot of the crap over cookies is popular media sideshow scare stuff. It (in this case, I believe) doesn't identify individual users and anyway people can generally be tracked by IP and sessions and other stuff.

Re:

[VortexCortex]

I want to be able to log in! But I don't want any stateful information stored outside the stateless protocols!

I want to have a browser that makes exceptions to just outright disallowing 3rd party cookies, but I want revenge when those exceptions backfire!

Re:

[DontLickJesus]

You are absolutely right, they didn't lie. As a matter of fact, they didn't even commit the crime. Google used a feature, bug, whatever, offered by Safari, to allow logged in users to use a opt-in service. The real problem is that they left the door open, which allowed for other advertisers to piggy-back off their cookie. I feel the fine is appropriately sized, but now I want to know when the government is going after those that piggybacked. I guarantee Google has that information.

Are they All evil?

[cpu6502]

Microsoft, Apple, Google, Comcast, VerizonWireless, .....

Silly me I thought when you said, "I won't do it anymore," that meant you'd stop. That doesn't seem to apply to the things called corporations.

Re:

[Lando]

Well, in truth how many times do engineers pour over the court documents that the lawyers develop while in court? Pretty simple to miss something occasionally, I'm not convinced that Google has just decided to flip the bird to all it's users and the court system yet. In comparison to the people that are "too smart" to get caught or too powerful for the courts to do anything to.

Re:

[__aaltlg1547]

They're all corporations so they will all do whatever maximizes profit whether or not it's legal or moral.

Typical Corporate Response

[dave562]

"We'll pay your fine... not because we are wrong, but because it.... 'costs too much' to prove that we didn't really do anything wrong."

I see that Google has grown large enough and been around long enough to attract high priced, high powered legal council. Good for them. They are a true corporation now.

They just need to take the final step of setting up the revolving door between themselves and Washington DC and they will truly be in the big leagues.

why is Google getting more attention than MSFT did

[AnAlchemist]

I'm not critiquing the reasons why Google is getting so much federal government attention. I'm just wondering why Google is going so much more attention from the FTC than Microsoft ever did. Maybe my memory is too short, but I don't remember MSFT getting many fines. Anybody have a (real) answer?

Re:

[__aaltlg1547]

Because the Google fine was just announced. That means it's news today.

The purpose of the law

[CuteSteveJobs]

This has been long forgotten by the people who oversee the court system, but the purpose of the law is "to moderate human behaviour."

Such a petty fine against such an incredibly wealthy company will do nothing to moderate their behaviour. To make it worse, Google is openly engaged in large scale tax evasion/avoidance. In the UK last year out of £224 million in taxes they only paid a pitfull £6 million. A fine of £14 million is pocket money to them - just operating overhead. If the government wants to moderate Google's behaviour (besides just pretending to want to) then they would fine them far, far more.

PS. In the words of Willard Mitt Romney, "Corporations are people too, my friend!"

http://www.dailymail.co.uk/debate/article-2125883/Amazon-Google-sordid-reality-tax-avoidance.html
http://www.forbes.com/sites/timworstall/2012/08/09/is-google-avoiding-or-evading-taxes-in-the-uk/ [forbes.com]

Proportional to the offense

[aNonnyMouseCowered]

"A fine of £14 million is pocket money to them - just operating overhead. If the government wants to moderate Google's behaviour (besides just pretending to want to) then they would fine them far, far more."

A fine thought, however, think of the consequences of say fining Google a £/$1 billion for an offense that hasn't harmed much less killed any kittens. This would jack up the liabilities of companies that do real harm like an oil spill or a nuclear radiation leak. So what do your p

Re:

[Shrike82]

To make it worse, Google is openly engaged in large scale tax evasion/avoidance.

Just to nitpick (a.k.a. correct your misleading comment) evasion and avoidance are two totally separate things. One is illegal. The other is not. If you are aware that Google are evading tax then you should inform the taxation authorities in the relevant countries and become the hero of many an anti-Google fanboy.

Google are known to be avoiding tax, and to many people (including me) that smacks of immoral behaviour. Taxes are there for a reason. They pay for shit that helps everyone. However, the tax system

Where does the money go?

[thisisauniqueid]

I always wondered with fines imposed by the FTC, ITC, FDA etc. -- where does the money go? Is there any incentive for govt regulatory bodies to make sure they hit a quota of fines each year so they can keep up with their budget?

Re:

[Lando]

Unlike a lot of state/county "fund raising", fines collected by the FTC and other departments are not counted as income. Some of the money may go to the people that file the grievance with the FTC with the balance going to the treasury department. Fines are only about 1 million or so a year, maybe a bit higher, so compared to the trillion or so dollars the government is spending, it doesn't really provide incentive to fine people except as needed in order to protect consumers.

Information comes from http:/ [ftc.gov]

Be evil

[gweihir]

By now they seem to have enough important movers and shakers in their pocket, that they can get put of immoral and criminal behavior without even having to admit something and with fines that are a joke. Time for everybody with still intact ethics to leave them.

Re:

[account_deleted]

Comment removed based on user account deletion

Someone had to say it...

[Brewster Jennings]

I blame the Conservative coders over at Google+.