In Fight Over Largest Fine Ever, FTC Commissioners Disagreed Over Whether Google Should Admit Fault
As expected, Google will pay $22.5 million to settle with the FTC over violating its October 2011 privacy settlement.
Google is in trouble because it told users of the Safari browser, via a help page, that they did not have to worry about being tracked because Safari blocks cookies by default, while at the same time bypassing Safari settings to allow tracking cookies. Google has since deleted those cookies, and says it never collected personal information.
This is the largest FTC penalty ever for violation of one of its orders — though in tech terms, it’s just a generous Series B funding round or so.
It was decided by a vote of 4-1, with Commissioner J. Thomas Rosch dissenting on the grounds that the FTC should not have accepted Google’s denial of liability.
Rosch, instead, believes that Google is in contempt of the 2011 agreement. “This is Google’s second bite at the apple,” he wrote.
If Google is being fined $22.5 million, Rosch argues, the company should not be permitted to deny liability.
The other commissioners replied, “With a company of Google’s size, almost any penalty can be dismissed as insufficient.” But because the issue didn’t exist for very long, and Google didn’t make money from it, a penalty serves as sufficient warning, they argued.
The most interesting sideshow of the case was that the fact that the FTC was planning to fine Google had been leaked out in bits and pieces over the past five months. So, even though the FTC is not extracting an enormous fine, the fire over the issue has been stoked in the press continuously.
The FTC also posted today a more technical description of what Google did to bypass Safari’s settings.
Here’s what happened: Despite having that help page up saying that Safari wasn’t tracking users, “for several months in 2011 and 2012,” Google circumvented Safari settings to place a temporary cookie from DoubleClick. This was in part to set up those little +1 social advertising buttons on its ads for users.
And here’s the crux: “Because of the particular operation of the Safari browser, that initial temporary cookie opened the door to all cookies from the DoubleClick domain, including the Google advertising tracking cookie that Google had represented would be blocked from Safari browsers.”
But that’s not actually the crux, because the specific issue that the FTC is mad about is that Google had up the incorrect help page the whole time. This misrepresentation is exactly what Google promised it wouldn’t do in 2011.
FTC Chairman Jon Leibowitz said the penalty is meant to send a message that “No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place.”