Google coughs up $17m to end Safari STALKER COOKIE brouhaha

Google has settled its US legal woes over allowing third-party tracking of Safari users without their knowledge and consent for the relatively paltry amount of $17m, to be shared among 37 states and the District of Columbia – aka Washington DC.

The settlement [PDF] states that between June 1, 2011, and February 15, 2012 Google managed to subvert Safari's code using JavaScript to allow the installation of DoubleClick cookies, and neglected to tell users about it. Stanford researcher Jonathan Mayer spotted the behavior and the Chocolate Factory halted the practice shortly after getting caught

"Consumers should be able to know whether there are other eyes surfing the web with them. By tracking millions of people without their knowledge, Google violated not only their privacy, but also their trust," said New York's attorney general Schneiderman, whose state will receive $899,580 in the deal. "We must give consumers the reassurance that they can browse the Internet safely and securely."

As part of the settlement Google has agreed to shut down any DoubleClick cookies if they fire up before February 14, 2014, (when they'll expire anyway), to set up a website for the next five years, explaining accurately what its cookie policy is. Google doesn't admit wrongdoing in the settlement.

"We work hard to get privacy right at Google and have taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers," a Google spokesperson told The Register in a statement. "We're pleased to have worked with the state attorneys general to reach this agreement."

An interesting turn of phrase. Back in June Google told El Reg exactly the same thing over the Street View Wi-Fi tapping saga. "Working hard to get privacy right," seems to be something of a Chocolate Factory challenge. ®