The FTC fines Google a record $22.5 million for violating the privacy of people who used Apple’s Safari Web browser even after pledging it would not.
In levying a record $22.5-million fine against Google Inc., the Federal Trade Commission said it wanted to send a clear message to the Internet giant that it won’t tolerate similar breaches in the future.
Google on Thursday agreed to pay the fine to settle allegations that it violated a pledge to protect the privacy of its users who browse the Web with Apple Inc.’s Safari.
The FTC said Google bypassed Apple software’s privacy settings to track users across the Web and show them personalized ads. The behavior violated terms of the settlement Google reached with the commission last year over Google’s now-defunct Buzz social networking service, the FTC alleged.
“Google is paying what we think is a heavy price,” David Vladeck, director of the FTC’s bureau of competition, said on a conference call Thursday after the announcement. “This sends the message that the FTC isn’t kidding around.”
The FTC ordered Google to disable all the tracking cookies by next year. Tracking cookies are snippets of computer code that collect information about how users browse the Web and can be used to show users ads based on their browsing history.
Apple’s Safari browser blocks cookies from ad networks such as the one that Google runs. But Google tracked Safari users and showed them ads on computers and mobile devices, a privacy breach uncovered in February by Stanford researcher Jonathan Mayer.
Marc Rotenberg, president of the Electronic Privacy Information Center, said he was pleased with the FTC’s action to protect consumers’ online privacy.
“The FTC fine follows from the complaint that EPIC brought about Google Buzz. Google’s hack of the Safari browser clearly violated the terms of the order,” Rotenberg said.
Google has increasingly found itself in the regulatory cross hairs as privacy advocates decry how it handles users’ personal information. The FTC is ramping up efforts to protect consumers’ online privacy.
Even as the commission warned Google that it would mete out stiffer penalties for future privacy violations, some consumer watchdogs question whether the FTC can police technology companies without sufficient funding or legal authority. The fine, while large by the federal government’s standards, is a drop in the bucket for Google, which made nearly $38 billion last year.
Santa Monica-based Consumer Watchdog complained Thursday that the penalty was “inadequate” unless Google admits wrongdoing. It said it would try to block the settlement.
In reaching the settlement, Google did not admit that it violated the law. The Mountain View, Calif., company has said that it did not intend to breach users’ privacy and that as soon as the issue was brought to its attention it stopped using the cookies.
“We set the highest standards of privacy and security for our users,” Google said in an emailed statement.
Vladeck points out that Google did not contest the facts in the FTC complaint. He said Google’s defense that it was unaware of what it was doing was troubling.
“As a regulator, it is hard to know which answer is worse: I didn’t know or I did it deliberately,” Vladeck said.
The FTC says it will continue to monitor Google to ensure that it does not engage in deceptive practices. Google has 19 years left on the 20-year settlement it reached last year that prevents the search giant from misrepresenting how it handles user information and requires Google to submit to regular privacy audits.