Mobile phones are great for on-the-go access to the Web, even better if you can block cookies and not be tracked. So finding out the largest search engine in the world has been ignoring your wishes and dropping a cookie anyway is not great news, says David Reed.
If you have covered your windows in aluminium foil to prevent the World Government from reading your thoughts, then this piece of news will have come as no surprise - Google circumvented privacy controls on the iPhone in order to track users and serve them targeted ads.
If you bought the iPhone partly in the knowledge that Apple was shipping it with third-party cookie blocking as standard on the Safari web browser, you might feel shocked. Around 100 individuals in the UK certainly do - so much so that they are considering being party to a law suit being brought for invasion of privacy.
And if you are a mobile marketer keen to exploit this fast growing channel, you might feel let down by one of the most important parties involved in it. As far as Google is concerned, however, no personal information was involved and therefore there was no invasion of privacy. That view seems likely to be tested in court sometime this summer.
Google’s manoeuvre came to light courtesy of a researcher at Stanford University. Jonathan Mayer reported to the Wall Street Journal that the search engine was using specially-written code to get around the cookie-blocking settings. These tricked the iPhone operating system into believing the user had submitted a form which allowed cookies to be stored on the phone without consent or knowledge. These were used to serve ads onto sites in the DoubleClick network, targeting which is critical to Google’s revenue stream.
Enter the Federal Trade Commission (FTC) in the United States which slapped a record $22.5 million fine on the company. One reason for the size of the penalty was that Google had previously entered into a 20-year privacy order with the FTC following challenges to its Buzz social network.
Jon Leibowitz, chairman of the FTC, said in a statement: “The record setting penalty in this matter sends a clear message to all companies under an FTC privacy order. No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place.”
Another factor in the decision was a help page on Google which told Safari users that because the browser’s default setting is to block third-party cookies, as long as users do not change those, this setting
Google’s response to the fine was that,
The company has further explained its position, saying:
At this point, European data experts might seek to point out that placing cookies onto a device without explicit consent is a breach of the ePrivacy Directive
Instead, a group of UK iPhone users have set in train a law suit against Google for invasion of privacy. Individuals have a reasonable expectation of privacy for activities which they carry out in private - that includes browsing the Internet. Should another person make use of the same device (iPads were affected as well as iPhones), then the ads targeted at the original individual could end up revealing something about their interests.
Since Apple was shipping its devices with blocking as the default setting, users are likely to have had that
Letters before action have been sent to Google executives with an expectation that a substantive response will have been received by late February. Should the company resist the claims being made, court proceedings will be initiated in the UK with a technical application to serve papers outside of jurisdiction.
The legal source expects no difficulties to arise from pursuing Google in this country.
If the court were to find against the search engine, it could be hit for substantial damages. By the time it goes before a judge, the number of claimants is likely to have risen considerably, making even a modest award of damages for each one multiply rapidly to a large total.
Not everybody sees this pursuit of Google over its privacy practices as reasonable. One such is The Atlas Society’s Business Rights Centre, which seeks to protect American producers against
It protests that Google was not found guilty of anything in court, but was judged by the FTC to have broken the promise it gave to the Commission, in essence treating it with contempt. Alexander R. Cohen of the BRC wrote:
Given the polarised nature of American politics, it is no surprise to find Google being defended on the basis of perceived bias against it. In the more balanced climate of the UK, few are likely to see political malice lying behind the law suit - more an important issue related to one of the most important and powerful engines of the modern economy.
(It is also somewhat ironic that an Apple device should be at the centre of a storm about privacy, since the iPhone itself keeps track of timestamped data of the longitude and latitude of the phone’s position. Many users are unaware of this tracking, which is relatively easy for another party to access via the phone or any Mac it has been synched with.)
What an independent observer might question about the explanation Google has given is the mechanism it used to place cookies onto iPhones and iPads. Where users had signed-in to Google and were actively using “+1” functions, there can be no problem. But apparently faking a handset into believing the user had taken this action, by creating a phantom form, seems far more dubious.
Consent is dear to the heart of regulators in Europe - the European Commission took the UK to court for allowing the ill-fated Phorm experiment in behavioural targeting to take place without informing subscribers. That led directly to the “cookies law” being introduced.
Commercial businesses relying on personal information will also have concerns, as should any brand that serves ads via DoubleClick. The more consumers learn of such activities, the more they will refuse consent when mechanisms to do so are offered. In one survey carried out by Ovum, 68 per cent of consumers across 11 countries would make use of “do not track” if they could. An Emailvision survey found 40 per cent of consumers unwilling to trade personal information in return for better targeted offers.
Those numbers should worry data practitioners as they threaten the free flow of data, especially in digital channels, which current marketing operations are heavily reliant on. We have not yet reached the stage where all consumers are metaphorically covering their windows with foil, but they are definitely becoming more worried about being tracked.
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024