Google has found itself in yet another privacy debacle, after being found to have intentionally circumvented the default privacy settings in Apple's Safari browser.
Safari automatically blocks all third-party cookies, and pushes this as a selling point for its browser: “Some companies track the cookies generated by the Web sites you visit, so they can gather and sell information about your Web activity. Safari is the first browser that blocks these tracking cookies by default, better protecting your privacy.”
Last week, however, Stanford University grad student Jonathan Mayer detailed the methods Google (and a handful of other advertisers) were using to bypass Safari's default settings and allow users who were signed in to Google+ to click the +1 button in adverts from Google's DoubleClick service. Safari usually blocks cookies used by ad networks, so ordinarily the browser would prevent those ads from tracking cookies to see if a user was logged in to Google+.
However, Google was reportedly using special computer code in order to trick the browser into placing a tracking cookie by making it think it was submitting a form to Google. The Wall Street Journal (WSJ) says Google immediately stopped using the code once reporters contacted it for comment.
While the initial WSJ report fingered Google for allegedly “tracking” Safari users' Web-browsing activities, the search giant has since spoken out, saying the report “mischaracterises what happened and why”.
Suspicious move
Google says: “We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information.” According to Google, in order to enable the +1 feature (and other opt-in features) for signed in Google users, it used the code in order to check if the user was signed in to Google and if they had opted in for any such personalised features.
New media lawyer Paul Jacobson says, while the issue has been blown a little out of proportion, the fact remains that Google targeted Safari browsers which block cookies by default and it used a loophole to enable some of its functionality.
“It is another suspicious move that comes on the back of a couple peculiar moves for Google. Google is already under the spotlight for various reasons (not all valid) and this sort of seemingly underhand behaviour doesn't help,” says Jacobson.
PC World reports that US lawmakers have already asked the Federal Trade Commission to investigate whether Google's bypassing of the Safari security settings violate the search giant's consent agreement with the FTC which bars the company from future privacy “misrepresentations”.
Jacobson, however, notes that Google doesn't appear to have violated the agreement as the cookies don't collect personal information. “Google said, in its response, that it was trying to facilitate Google+ features which signed in users had already enabled. This doesn't seem to be a change in user privacy settings.”
Share