Just in from the Federal Trade Commission:
Google Inc. has agreed to pay a record $22.5 million civil penalty to settle Federal Trade Commission charges that it misrepresented to users of Apple Inc.’s Safari Internet browser that it would not place tracking “cookies” or serve targeted ads to those users, violating an earlier privacy settlement between the company and the FTC.
Google, the developer of the world’s most popular Internet search engine, generates billions of dollars in revenues annually from selling online advertising services, including the delivery of targeted ads online. Cookies are small pieces of computer text that are used to collect information from computers and can be used to serve targeted ads to consumers. By placing a tracking cookie on a user’s computer, an advertising network can collect information about the user’s web-browsing activities and use that information to serve online ads targeted to the user’s interests or for other purposes.
In its complaint, the FTC charged that for several months in 2011 and 2012, Google placed a certain advertising tracking cookie on the computers of Safari users who visited sites within Google’s DoubleClick advertising network, although Google had previously told these users they would automatically be opted out of such tracking, as a result of the default settings of the Safari browser used in Macs, iPhones and iPads.
According to the FTC’s complaint, Google specifically told Safari users that because the Safari browser is set by default to block third-party cookies, as long as users do not change their browser settings, this setting “effectively accomplishes the same thing as [opting out of this particular Google advertising tracking cookie].” In addition, Google represented that it is a member of an industry group called the Network Advertising Initiative, which requires members to adhere to its self-regulatory code of conduct, including disclosure of their data collection and use practices.
Despite these promises, the FTC charged that Google placed advertising tracking cookies on consumers’ computers, in many cases by circumventing the Safari browser’s default cookie-blocking setting. Google exploited an exception to the browser’s default setting to place a temporary cookie from the DoubleClick domain. Because of the particular operation of the Safari browser, that initial temporary cookie opened the door to all cookies from the DoubleClick domain, including the Google advertising tracking cookie that Google had represented would be blocked from Safari browsers.