Safari is Apple’s browser and is used in iPhones as well as Computers and iPads, and its use is not confined to Apple devices alone. One of its advantages is that it automatically stops third party cookies being placed on the device where the browser is used.
So you thought you were protected from nosey cookies [see the post about Cookies], but somehow Google managed to sneak a cookie onto Safari users’ computers bypassing the the cookie rejection settings.
And that is not on.
The US Federal Trade Commission agreed, and Google is now facing a fine of 22.5million US dollars, the largest fine to be imposed in the history of the Federal Trade Commission.
Google used a loophole in Safari to place the third-party cookie when there was interaction with the user and placing the cookie in invisible elements like a banner advert which safari would allow and thus hiding the cookie locally.
After that Google could keep tabs on which sites the user visited and gain a better view of the user’s interests and buying habits.
Normally a user had to press a link to ask for Google cookies to be set, but the circumvention meant that cookies from Google’s DoubleClick ad network were also set on the their device , and that meant they would be tracked without their explicit consent.
The discovery of the breach of privacy by Jonathan Mayer of Stanford University came to light in February so millions of users of Apple’s iOS software on iPhones and iPads could theoretically be affected before it was stopped.
Whether or not the FTC goes ahead and fines Google over the cookie infraction, it will also publish a report detailing how it reached the decision, probably with documentation from Google about how many people were affected and for how long.
The revelation of the unauthorised cookies led to widespread condemnation of Google’s moves in February by groups including the Electronic Privacy Information Center in the US.
Google said at the time that the ad tracking was inadvertent and that the workaround to plant the Google cookie was feasible within Apple’s system. It said then: “The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser [by other advertising companies using the DoubleClick network]. We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.”
Asked whether a fine was imminent, Google responded: “We cannot comment on any specifics. However we do set the highest standards of privacy and security for our users.
It does bring to mind the recent case for which Google was fined US$25,000 for grabbing data from open WiFi networks while collecting its Street Mapping data. In Europe the European Commission is considering a set of proposals from Google over concerns that it is using its monopoly in search – which is far greater in Europe than the US – to edge out rivals in “vertical” search for shopping. Google submitted its suggestions for ameliorating the EC’s concerns earlier this month, and the EC is expected to publish them for rivals to comment on if it finds them initially acceptable.