February 19, 2012
Safari User Sues Google Over Alleged Privacy Rights Violations
A user of the Safari web browser is suing Google, accusing the largest online search engine on the planet of violating his privacy rights in Apple's iPhone and iPad line of products, Bloomberg reported on Friday.
According to reporters Phil Milford and Jef Feeley, the lawsuit was filed by Illinois resident Matthew Soble and stems from earlier reports claiming that Google was one of a handful of companies utilizing a piece of clandestine code to get around security settings in the Internet browser in order to track the online activities of iPhone owners.
In the complaint, Soble's attorneys said that "Google's willful and knowing actions violates" U.S. federal wiretapping laws as well as other, unnamed computer-related rules and regulations, Milford and Feeley said. A spokesperson for the Mountain View, California-based company declined Bloomberg's request for comment on the lawsuit.
As first reported by the Wall Street Journal, Google and advertising networks Vibrant Media, Media Innovation Group and Gannett PointRoll managed to circumvent Safari´s privacy settings by using code that falsely represents its advertisements as being a user-initiated form submission.
That loophole was discovered by Stanford University researcher Jonathan Mayer, who discovered that ads on 23% of the top 100 websites had installed tracking codes on the iPhone browser, versus 22% on a test desktop computer.
Once the websites activated those codes, they could then follow an individual's activity as they travelled from website to website, even though Safari's default settings are designed to block third party advertisers from accessing a user's cookies. Only those sites with which a user has directly acted are supposed to be able to do so.
According to the WSJ report, the Google-engineered code essentially tricked Safari into letting it put a tracking cookie on the device by making it appear as though the user had submitted an online form to Google. While those cookies typically expire within 12 to 24 hours, the Journal noted that they “could sometimes result in extensive tracking of Safari users“¦because of a technical quirk in Safari that allows companies to easily add more cookies to a user´s computer once the company has installed at least one cookie.”
Google reportedly disabled the security-evading code after being contacted by the newspaper regarding their report, and responded later in the day on Friday saying that the Journal "mischaracterizes what happened and why“¦ We used known Safari functionality to provide features that signed-in Google users had enabled. It´s important to stress that these advertising cookies do not collect personal information.”
Milford and Feeley report that Soble is seeking class-action for his lawsuit, which they say was filed on behalf of individuals “whose default privacy settings on the web browser software produced by Apple, known as Safari, were knowingly circumvented by Google," in the words of the lawsuit.
On the Net: