Feeds

Google expected to cough measly $22.5m for Safari privacy gaffe

Report: Choc Factory close to settling with FTC over fanboi-tracking blunder

3 Big data security analytics techniques

Google is reportedly set to cough up a piddly penalty payment of $22.5m to the US Federal Trade Commission (FTC) to settle its sneaky bypassing of the default privacy settings of Apple's Safari browser.

It was revealed by the Wall Street Journal in February this year that Google, Vibrant Media Inc, WPP PLC's Media Innovation Group LLC and Gannett Co's PointRoll Inc used code that "tricked" Safari into allowing users to have their online browsing habits tracked.

Apple's browser blocks most tracking by default with exceptions for websites that, for example, require interaction from a user – such as the filling in of an online form. Google claimed at the time that it had "mischaraterised" the code used by the ad companies.

Google later disabled the code, which installed a temporary cookie on the phones or computers of Safari users; the search biz's developers had embedded code into some of its ads that fooled the Apple browser into thinking that a form was being submitted to Google.

The WSJ is now reporting that Mountain View is close to settling with the FTC with a fine said to be the biggest of all time handed down by the regulator to a corporation.

Google offered up a withering statement to The Register that appeared to indicate that it had already accepted defeat.

We cannot comment on any specifics. However we do set the highest standards of privacy and security for our users. The FTC is focused on a 2009 help centre page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers.

The consent decree in question is the one the internet giant signed with the FTC in October last year, when Google agreed to be much more up front about its data-handling methods with its customers.

After Google's Buzz privacy howler in 2010, the company is now subjected to biennial audits for the next 20 years.

Google, as part of that agreement, avoided being fined and did not have to admit that its biz practices had been unlawful. However, if that decree has been violated, then the FTC was always clear that a fine would be slapped on Google.

The penalty is calculated based on $16,000 per violation per day and the number of iPad, iPhone and Mac users affected by Google's Safari privacy blunder could run into millions of customers.

However, as noted by the WSJ, Google racks up sales of over $20m roughly every five hours.

Perhaps Google just wants to pay the reported $22.5m fine and get on with fighting competition officials on the other side of the Atlantic. In Brussels, Belgium, the company is still fighting off "abuse of dominance" claims over its share of the search market in Europe.

The company's chairman, Eric Schmidt, sent a letter to the European Commission containing a "proposal" that Google claimed addressed the four areas of concern expressed earlier this year by Euro antitrust commissioner Joaquin Almunia.

The commissioner's office told El Reg this morning that competition officials were still perusing the contents of the letter, which has not been made public by Google.

Meanwhile, Google is undergoing a separate antitrust investigation in the US over claims the company unfairly manipulated results on its search engine to favour its own business. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.