Google in hot water over Safari exploit

Google’s social media service, Google Buzz, was once the target of consumer complaints and ultimately an investigation by the FTC over user privacy concerns. One of the features implemented through Buzz, for example, was auto-following email contacts; as a result, users discovered that their personal information was available even to those with whom they would not have otherwise shared it. In one notable case, due to the auto-following feature, a woman’s contact information was inadvertently provided to her abusive ex-husband.

The consumer outcry resulted in a settlement between Google and the FTC. Under the terms of the settlement, Google cannot share user information with third parties without consent, and it is prohibited from further misrepresenting its privacy settings and policies to users. Google must further assent to an independent review of its privacy policies and standards, and it cannot modify its services to provide additional personal information without user consent.

Now, the Internet search company has been served with another complaint from the FTC, this one related to Apple’s Safari browser. A study conducted by a Stanford graduate student discovered Google’s practice of subverting Safari’s default privacy settings in order to place third-party advertising cookies on any device using the Safari software—from desktop computers to iPhones.

Google has released a statement asserting that the cookie placement was inadvertent and that a flaw in the Safari software is to blame. They believe media reports have not accurately represented their actions, and deny any conscious attempt to circumvent Safari’s privacy settings. “We used known Safari functionality to provide features that signed-in Google users had enabled,” the statement said. “It’s important to stress that these advertising cookies do not collect personal information.”

The statement goes on to explain that Safari’s own inbuilt privacy protections worked against it. As a result of Google’s use of “known Safari functionality” to provide standard Google services, such as placing a “+1” button users can click to express their interest in a particular item, third-party advertising cookies were accidentally placed as well. “We didn’t anticipate that this would happen,” the statement said.

The advocacy group Consumer Watchdog, which prompted the FTC’s investigation, has not withdrawn its complaint. It is not clear whether Google faces any legal repercussions for its actions.

Archives