Safari user sues Google over claimed privacy violation

Posted:
in Mac Software edited January 2014


A user of Apple's Safari, the default web browser of every Mac and iOS product, is suing Google Inc. after it came to light that the world's largest internet company had implemented a tracking system that allegedly violates federal wiretapping and privacy laws.



Attorneys for Matthew Soble filed the complaint on Tuesday in Delaware's federal court, and are seeking class-action status for the suit which asserts that Google knowingly sidestepped certain Safari privacy settings in order to track users' web activities, reports Bloomberg.



“Google’s willful and knowing actions violated” federal wiretapping laws and other computer-related statutes, the complaint said.



The issue was brought to the fore when The Wall Street Journal reported that Google had instituted code that bypassed standard Safari privacy settings and allowed the company to insert advertising cookies on an affected device.



Unlike most popular browsers, Apple's Safari is set by default to blocks cookies, or small bits of code that are meant to identify users when they return to a previously visited site. However, cookies can also afford websites to track users' movements when surfing the internet, though Google claims that its code did not execute any such function.



Cookies can be activated in Safari if a user gives permission by either clicking a pop-up window asking to allow for cookie storage or by purposely interacting with certain website features.





Safari settings menu regarding cookie handling.







In order to get around the privacy settings, Google's DoubleClick ad serving platform reportedly exploited a Safari "loophole" that "tricked" the browser into thinking that a user was purposely interacting with an ad by automatically sending an invisible form. Safari subsequently allowed the installation of a temporary cookie as if the user purposely affirmed the procedure.



Ads on 22 of the 100 most-visited websites, as ranked by Quantcast, implemented the DoubleClick workaround.



Google denies any wrongdoing and stated: "The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."



After being contacted by WSJ, the internet search engine immediately disabled the code and later removed information from a company site noting that users can rely on Safari's default settings to prevent Google tracking.











Other advertising companies also use the technique, such as Vibrant Media, which implements the "workaround" to "make Safari work like all the other browsers."



The recent events have brought privacy rights into question and caught the eye of advocacy group Consumer Watchdog, which sent a letter to the Federal Trade Commission asking that action be taken against the Mountain View, Calif., company.



“Safari users with the browser set to block third-party cookies thought they were not being tracked,” said Consumer Watchdog Privacy Project Director John Simpson. “Nonetheless, because of an element invisible to the user, but designed to mimic a form, DoubleClick was able to set tracking cookies in an obvious violation of the set preference.”



Going further, lawmakers are also looking into the Safari case, with West Virginia Senator John D. Rockefeller IV saying that he intends to determine the extent to which Google used the technique to "circumvent consumer choice."



[ View article on AppleInsider ]

«13456

Comments

  • tallest skiltallest skil Posts: 40,381member
    I'm curious why Google didn't do this to Firefox, Opera, and the rest.



    In before "Chrome is WebKit and Safari is WebKit2, so Google would know the absolute ins and outs of Safari better than any others and therefore would be able to circumvent its stuff more easily," because I've already thought of that.
  • j.r.j.r. Posts: 27member
    Quote:
    Originally Posted by Tallest Skil View Post


    I'm curious why Google didn't do this to Firefox, Opera, and the rest.



    In before "Chrome is WebKit and Safari is WebKit2, so Google would know the absolute ins and outs of Safari better than any others and therefore would be able to circumvent its stuff more easily," because I've already thought of that.



    Microsoft is saying they're doing it to IE, too: http://blogs.msdn.com/b/ie/archive/2...-settings.aspx
  • gatorguygatorguy Posts: 14,857member
    Quote:
    Originally Posted by J.R. View Post


    Microsoft is saying they're doing it to IE, too: http://blogs.msdn.com/b/ie/archive/2...-settings.aspx



    http://www.networkworld.com/communit...oogle-vs-truth
  • mike fixmike fix Posts: 213member
    So much for not being evil.
  • tallest skiltallest skil Posts: 40,381member
    Quote:



    "Everyone does it" is not a defense. It's not even an excuse. It's inexcusable on the face of it.
  • gatorguygatorguy Posts: 14,857member
    Quote:
    Originally Posted by Tallest Skil View Post


    "Everyone does it" is not a defense. It's not even an excuse. It's inexcusable on the face of it.



    Of course it's not a defense. I completely agree. I've told my son and daughter the same more than once.



    MS should have taken action two years ago when it was brought to their attention. . .

    of course that assumes they thought it was important.
  • mstonemstone Posts: 11,510member
    We were just using Javascript. What's the big deal?



    Everything is legal as long as you don't get caught.
  • solipsismxsolipsismx Posts: 19,566member
    Quote:



    A little blurb on why you're posting the link would help us know your position, interest facts that would encourage us to click though and perhaps go in with an understanding of where you're coming from should we disagree.
  • mstonemstone Posts: 11,510member
    Quote:
    Originally Posted by Gatorguy View Post


    Of course it's not a defense. I completely agree. I've told my son and daughter the same more than once.



    MS should have taken action two years ago when it was brought to their attention. . .

    of course that assumes they thought it was important.



    The technique with IE is different from the technique with Safari. In both cases the vendor of the browser is ultimately the one who let it happen. Not saying there may be some legal issues for Google but the browsers left the door open by mistake. In the case of Firefox they left the door open on purpose.
  • quinneyquinney Posts: 2,435member
    Quote:
    Originally Posted by Tallest Skil View Post


    I'm curious why Google didn't do this to Firefox, Opera, and the rest.



    In before "Chrome is WebKit and Safari is WebKit2, so Google would know the absolute ins and outs of Safari better than any others and therefore would be able to circumvent its stuff more easily," because I've already thought of that.



    Apparently, Microsoft is accusing Google of similarly bypassing IE privacy settings.



    oops, late freight
  • gatorguygatorguy Posts: 14,857member
    Quote:
    Originally Posted by SolipsismX View Post


    A little blurb on why you're posting the link would help us know your position, interest facts that would encourage us to click though and perhaps go in with an understanding of where you're coming from should we disagree.



    I thought the link was reasonably balanced, presenting different views, with links to supporting docs. In other words a good reference with additional resources if you're interested in past background articles of the history dealing with the issues mentioned.
  • Quote:
    Originally Posted by AppleInsider View Post


    A user of Apple's Safari, the default web browser of every Mac and iOS product, is suing Google Inc. after it came to light that the world's largest internet company had implemented a tracking system that allegedly violates federal wiretapping and privacy laws.







    Good for him. This stuff needs to stop.



    Surfing the web can be downright creepy lately, with ads popping up for some specific/unusual search you did 3 days ago. I saw a news article on some unusual locale, so I looked it up and checked it out. Likely I looked at 3 or 4 different map/tourist/historical/demographic sites. Now I am barraged with ads for vacationing there.



    Quote:
    Originally Posted by AppleInsider View Post


    In order to get around the privacy settings, Google's DoubleClick ad serving platform reportedly exploited a Safari "loophole" that "tricked" the browser into thinking that a user was purposely interacting with an ad by automatically sending an invisible form. Safari subsequently allowed the installation of a temporary cookie as if the user purposely affirmed the procedure.




    If that is not criminal behavior, it should be.
  • mjtomlinmjtomlin Posts: 1,556member
    How stupid is Google? With everyone looking over their shoulder they go and do something like this! This is akin to posing as the "gas man" to gain entry into someone's house to case the place. It doesn't matter if they come back later and steal anything or not. They gained access by posing as something they weren't. That is a serious breach of privacy. True, tracking your website usage isn't nearly as serious as trespassing on someone's property, but it's still dirty-handed.
  • ljocampoljocampo Posts: 657member
    I've been fighting this cat & mouse game with DoubleClick for years. I thought I had it licked with the Ghostery extension but lately a lot of things won't work on web pages anymore unless I turn off the extension. It's a never ending battle.
  • solipsismxsolipsismx Posts: 19,566member
    Quote:
    Originally Posted by Gatorguy View Post


    I thought the link was reasonably balanced, presenting different views, with links to supporting docs. In other words a good reference with additional resources if you're interested in past background articles of the history dealing with the issues mentioned.



    I only chose to read it after you replied to TS. Otherwise I didn't have interest. You went to the trouble to post the link give us interest to click it, that's all I'm saying.





    Quote:
    Originally Posted by ljocampo View Post


    I've been fighting this cat & mouse game with DoubleClick for years. I thought I had it licked with the Ghostery extension but lately a lot of things won't work on web pages anymore unless I turn off the extension. It's a never ending battle.



    I've come across that, too. Even things like Disqus comment on Engadget are blocked by Ghostery. I wonder if that's intentional or if they are wrapping these ads and analytics so deep that it breaks parts of the pages if not loaded.
  • apple ][apple ][ Posts: 8,132member
    It seems that what Google was doing was sneaky, scummy, backhanded and illegal!



    And they did it to MS too! Why doesn't Apple and Microsoft join together and sue Google, for illegally exploiting both of their browsers?



    And there should definitely be class action suits against Google for their illegal invasion of privacy, like the one mentioned in the OP.



    Besides having easy access to malware, I wonder what hidden surprises Android phones come with when somebody either buys one or is given one for free? I wouldn't trust shit that Google says or claim, they'll lie right to your face, while illegally gathering info on you and tracking you. Do the ignorant people who buy junky Android phones which comes with a free OS think that Google is doing it out of the goodness of their heart?



    Some ignorant fools and degenerate Fandroids whine and bitch about Apple? Apple is a saint compared to Google.
  • nerudaneruda Posts: 426member
    Quote:
    Originally Posted by Mike Fix View Post


    So much for not being evil.



    Google's don't be evil mantra is bullsh*t.



    Google has a horrible privacy rights record. Trying to ween myself off but their search engine is still the best, imo.
  • Quote:
    Originally Posted by Apple ][ View Post


    It seems that what Google was doing was sneaky, scummy, backhanded and illegal!




    It was all of those things.
  • mjtomlinmjtomlin Posts: 1,556member
    Quote:
    Originally Posted by mstone View Post


    The technique with IE is different from the technique with Safari. In both cases the vendor of the browser is ultimately the one who let it happen. Not saying there may be some legal issues for Google but the browsers left the door open by mistake. In the case of Firefox they left the door open on purpose.



    If you read the Microsoft blog post, you'll note that the behavior of the browsers is in accordance to the standard. Google (and others) are abusing the standard as it is currently written and implemented, plain and simple.



    The default is to ignore malformed or unknown requests, this allows for future expandability. Google's P3P line isn't anything close to what they should be telling the browsers. In fact they completely ignore the standard and say so!



    Microsoft has had to take a non-standard approach in order to further protect IE 9 users.
  • rjbrucerjbruce Posts: 45member
    I in general hate tech lawsuits but I did a double take on this one. While you can argue the browser should be smart enough to block this sort of thing, this is Google circumventing a users preference to privacy. It is not a case of Google choosing the most efficient way to deliver content that just so happens to expose a deficiency in the browser. It is blatant.



    Quote:
    Originally Posted by mjtomlin View Post


    How stupid is Google? With everyone looking over their shoulder they go and do something like this! This is akin to posing as the "gas man" to gain entry into someone's house to case the place. It doesn't matter if they come back later and steal anything or not. They gained access by posing as something they weren't. That is a serious breach of privacy. True, tracking your website usage isn't nearly as serious as trespassing on someone's property, but it's still dirty-handed.



    I think the gas man example draws an excellent parallel.
Sign In or Register to comment.