Google would pay record FTC fine under tentative Apple Safari settlement
By Craig Timberg,
Google would pay $22.5 million to the Federal Trade Commission, a record fine for the agency, under a tentative deal settling allegations that the search giant bypassed privacy settings on Apple computers, smartphones and tablets, according to people familiar with the agreement.
The deal, which would require the final approval of the commission, addresses claims that a Google program tracked Web behavior even as the company told users that default settings on Apple’s Safari browser prevented such tracking. The Wall Street Journal first reported on the looming deal Tuesday.
The conclusion of the FTC case would resolve one of a growing list of legal conflicts for Google, which has become a target for regulators in Europe, the United States and other nations wary of its commanding market power in the lucrative search business and its ambitions to extend its brand into many other areas.
The FTC declined to comment. Google, based in Mountain View, Calif., issued a statement saying that it could not comment on the specifics of the case but that the company observed the “highest standards of privacy and security for our users.”
Google officials have called the use of tracking cookies an accident caused by technical glitches that have been corrected. Privacy advocates have scoffed at those explanations.
“When they get caught with their fingers in the cookie jar doing something they clearly should not be doing, they say, ‘Oops, it was completely by accident,’ ” said John M. Simpson of Consumer Watchdog, based in Santa Monica, Calif., and one of several groups to file complaints about Google’s alleged tracking on Apple browsers.
Google and many other companies place cookies — small files that report on the characteristics of Web users — on computers so that, for example, a golf enthusiast sees advertisements for golf clubs or golf-themed vacations.
The default setting on Apple’s Safari browser, however, blocked such cookies unless users specifically altered a setting to allow them. Beginning in 2009, Google noted this fact on a “Help Center” Web page.
Last year, Google began using what it calls “temporary cookies” that were supposed to have the narrow function of letting the company know if a user signed in to Google services was viewing a Web ad. That was supposed to trigger the appearance of a small “+1” button on the ad. When users clicked the button, it would indicate their interest in the ad on the Google+ social network.
Google officials have said this temporary cookie malfunctioned, allowing a wide range of targeted ads to appear on Web sites visited by users.
Company officials say this action was inadvertent, but it conflicted with the language on the “Help Center” page.
In the looming deal, the FTC alleges this conflict was a “deceptive practice,” a common legal tactic for the FTC, said those familiar with the agreement, who spoke on the condition of anonymity because the deal had not been finalized. The commission last year reached a settlement with Google regarding alleged privacy violations in its Google Buzz social network, giving it authority to fine the company $16,000 in each instance for future violations.
Google has said that it stopped placing the temporary cookies immediately after learning of the problem from the Wall Street Journal in February and that it has taken other actions to remedy the problem.
“We have now changed that [“Help Center”] page and taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers,” Google said in a statement.
The $22.5 million FTC fine, if approved, would be the highest for a single company for violating an agency order. The previous record of $18.8 million was against a telemarketer in 2010. The FTC also is investigating Google on allegations of antitrust violations. European regulators are probing the company on privacy and antitrust grounds.
He came across the cookies while studying targeted advertising. It is impossible to know whether Google was aware of what its temporary cookies were doing, Mayer said, but he said the company should have known.
“At minimum, we’re talking negligence or gross negligence,” he said.
Hayley Tsukayama contributed to this report.