A deal that calls for Google to pay a $22.5 million civil penalty for tracking Safari users should be rejected, Consumer Watchdog argues in new court papers.
“The proposed settlement is markedly unusual and deficient,” the organization says in papers filed on Friday with U.S. District Court Judge Susan Illston in San Francisco.
The group outlines three specific complaints with the settlement. First, Consumer Watchdog says that the “miniscule” $22.5 million penalty — estimated as less than 1/1000th of Google’s ad revenue — is too low to ensure that Google doesn’t again violate users’ privacy.
Second, Consumer Watchdog argues that the settlement should include an injunction prohibiting Google from deceiving users about privacy. Google should be required to admit liability in the case, it believes. That’s the same objection raised by Commissioner J. Thomas Rosch, who voted against accepting the settlement.
“Because the FTC permitted Google to deny the allegations of the FTC complaint, Google put its own ‘spin’ on the facts,” Consumer Watchdog argues. “Google’s spin created considerable confusion in the public over what the company actually did, who was at fault … and what the effect of the conduct was on consumers.”
The proposed settlement would resolve contempt charges against Google, stemming from allegations that the company developed a workaround to Safari’s no-tracking settings. Google — which also faces a potential class-action lawsuit over the alleged hack — did not admit wrongdoing in the case.
Stanford graduate student Jonathan Mayer first publicized the workaround in February, when he posted a report outlining how the company bypassed users’ settings. Google said that it did so in order to enable Safari users to like ads with the +1 button, and not track them throughout the Web. But once the workaround was in place, Google’s DoubleClick also was able to track people in order to target ads to them, based on their Web-surfing history. Google says it has already deleted much of the data it collected; the company promised to shed all of it by next year as part of the settlement.
The workaround might not in itself have resulted in FTC charges, but Google had specifically instructed users that the Safari browser would block tracking cookies. That statement gave the FTC grounds to charge Google with contempt for allegedly violating a 2011 consent decree that bans the company from misrepresenting its privacy practices.
For Google, the Safari hack marked at least the third major privacy controversy. In 2010, it came to light that Google’s Street View cars collected URLs, passwords, emails and other data that was sent over unencrypted WiFi networks. Google apologized for the interception, and said it intended to destroy the data.
Before that, when Google launched the now defunct social networking Buzz, the company exposed some users’ email contacts by default. That incident resulted in Google’s first consent decree with the FTC.
“Given Google’s history of failing to either respect the privacy of its users or even to comply with its prior privacy undertakings … what facts and what plausible reasoning based on those facts justify the Commission’s decision?” the group asks in its court papers.