Google faces $22.5m fine over iPhone, iPad privacy breach
Google faces a $22.5m fine (£14.5m) for breaching the privacy of iPhone and iPad users after bypassing cookie rejection settings on the devices, according to reports.
If confirmed, the fine would be the largest ever imposed by the US Federal Trade Commission (FTC) against a single company – and would be the second time this year that the search giant has fallen foul of regulators in the US.
The Wall Street Journal reports that the FTC and Google are close to agreeing a settlement over the privacy breach, in which Google circumvented Apple’s protections on the iPhone and iPad against the setting of third-party “cookies” – small text files stored on the user’s device – for tracking where users went on the web.
The discovery of the circumvention, by Jonathan Mayer of Stanford University, was first revealed in February. Millions of users of Apple’s iOS software on iPhones and iPads could have been affected, said Mayer. Google declined a request from the Guardian to specify when it began the tracking.
However, Google may have escaped further prosecution for breaching an FTC consent decree over privacy that it signed in March 2011 because although the breach seems to have started in or before December 2011, the documentation in which Google explained what it would do dates back to 2009, before the decree, which covered privacy breaches caused by the Google Buzz social network, since closed.
Whether or not the FCC fines Google over the cookie infraction, it will also publish a report which would detail how it reached the decision, probably with documentation from Google about how many people were affected and for how long.
Google insisted at the time that the ad tracking was inadvertent and that the workaround to plant the Google cookie was feasible within Apple’s system. It said then: “The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser [by other advertising companies using the DoubleClick network]. We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.”
Apple said at the time that “We are aware that some third parties are circumventing Safari’s privacy features and we are working to put a stop to it.”