Feeds

Google expected to cough measly $22.5m for Safari privacy gaffe

Report: Choc Factory close to settling with FTC over fanboi-tracking blunder

High performance access to file storage

Google is reportedly set to cough up a piddly penalty payment of $22.5m to the US Federal Trade Commission (FTC) to settle its sneaky bypassing of the default privacy settings of Apple's Safari browser.

It was revealed by the Wall Street Journal in February this year that Google, Vibrant Media Inc, WPP PLC's Media Innovation Group LLC and Gannett Co's PointRoll Inc used code that "tricked" Safari into allowing users to have their online browsing habits tracked.

Apple's browser blocks most tracking by default with exceptions for websites that, for example, require interaction from a user – such as the filling in of an online form. Google claimed at the time that it had "mischaraterised" the code used by the ad companies.

Google later disabled the code, which installed a temporary cookie on the phones or computers of Safari users; the search biz's developers had embedded code into some of its ads that fooled the Apple browser into thinking that a form was being submitted to Google.

The WSJ is now reporting that Mountain View is close to settling with the FTC with a fine said to be the biggest of all time handed down by the regulator to a corporation.

Google offered up a withering statement to The Register that appeared to indicate that it had already accepted defeat.

We cannot comment on any specifics. However we do set the highest standards of privacy and security for our users. The FTC is focused on a 2009 help centre page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers.

The consent decree in question is the one the internet giant signed with the FTC in October last year, when Google agreed to be much more up front about its data-handling methods with its customers.

After Google's Buzz privacy howler in 2010, the company is now subjected to biennial audits for the next 20 years.

Google, as part of that agreement, avoided being fined and did not have to admit that its biz practices had been unlawful. However, if that decree has been violated, then the FTC was always clear that a fine would be slapped on Google.

The penalty is calculated based on $16,000 per violation per day and the number of iPad, iPhone and Mac users affected by Google's Safari privacy blunder could run into millions of customers.

However, as noted by the WSJ, Google racks up sales of over $20m roughly every five hours.

Perhaps Google just wants to pay the reported $22.5m fine and get on with fighting competition officials on the other side of the Atlantic. In Brussels, Belgium, the company is still fighting off "abuse of dominance" claims over its share of the search market in Europe.

The company's chairman, Eric Schmidt, sent a letter to the European Commission containing a "proposal" that Google claimed addressed the four areas of concern expressed earlier this year by Euro antitrust commissioner Joaquin Almunia.

The commissioner's office told El Reg this morning that competition officials were still perusing the contents of the letter, which has not been made public by Google.

Meanwhile, Google is undergoing a separate antitrust investigation in the US over claims the company unfairly manipulated results on its search engine to favour its own business. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.