Posted in War on Privacy

Google caught circumventing default Safari user privacy protection settings

Another chapter in the Monster of Mountain View’s War on Privacy is now being written:

Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.

The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.

Google disabled its code after being contacted by The Wall Street Journal.

Google would have no doubt been happy to continue exploiting the Safari loophole – which was discovered by Stanford grad student Jonathan Meyer – but it needed to contain the bad publicity, so it told the Journal it was removing the offending code. That hasn’t stopped privacy activists and consumer advocates from giving Google a well-deserved, harsh scolding.

“Google has clearly engaged in ‘unfair and deceptive’ practices,” said John M. Simpson, Consumer Watchdog’s Privacy Project director. “They have been lying about how people can protect their privacy in their instructions about how to opt out of receiving targeted advertising.”

“The original Google statement that users of Safari who have not changed their privacy settings ‘accomplishes the same thing as setting the opt-out cookie’ is a per se misrepresentation. Not only did the company know this not to be true, it took elaborate measures to circumvent the Safari privacy safeguards, and it benefited from the misrepresentations by the commercial value it surreptitiously obtained. The fact that Google removed the evidence and made it no longer available by means of a Google search (think about that for a moment) is an admission by the company as to its malfeasance,” EPIC’s Marc Rotenberg wrote in a letter to the Federal Trade Commission.

“Coming on the heels of Google’s controversial decision to tear down the privacy-protective walls between some of its other services, this is bad news for the company,” agreed staffers with the Electronic Frontier Foundation (EFF). “It’s time for Google to acknowledge that it can do a better job of respecting the privacy of Web users. One way that Google can prove itself as a good actor in the online privacy debate is by providing meaningful ways for users to limit what data Google collects about them. Specifically, it’s time that Google’s third-party web servers start respecting Do Not Track requests, and time for Google to offer a built-in Do Not Track option.”

The problem, of course, is that Google isn’t interested in doing a better job of respecting the privacy of Web users. It’s trying to do away with the very idea. And unless users take a stand by choosing to stop doing business with Google – as we have – it may very well succeed.