In a turn of events that should surprise no one, a Safari user has filed suit against Google over recent news that the search giant had circumvented privacy settings on Apple’s Safari browser. Matthew Soble of Illinois has filed suit in U.S. District Court in Delaware. The suit alleges that “default privacy settings on the web browser software… known as ‘Safari,’ were knowingly circumvented by Google Inc.”
The complaint (PDF) declares that Soble uses Safari and “never disabled the privacy protection” that the browser comes with by default. The suit accuses Google of violation of the Federal Wiretap Act, the Stored Electronic Communications Act, and the Computer Fraud and Abuse Act. The suit is a class action suit filed on behalf of Soble and “all others similarly situated.” The suit asks for unspecified compensatory damages, plus interest, and legal fees for the plaintiff and all members of the class, and a permanent injuction preventing Google “from installing tracking cookies on users’ mobile phones or computer devices that could track the users’ information in violation of federal law.”
On Friday news broke that Google had been exploiting a loophole in the privacy settings of Apple’s Safari browser (both desktop and iOS versions) that allowed Google’s ads to set tracking cookies in the browser that then monitored the users’ web browsing activity. Google responded quickly to the news, saying that the original report had mischaracterized the situation. The workaround was only developed, Google said, because Apple had designed Safari to work differently than other browsers currently on the market. The workaround was only intended to “ascertain whether Safari users were also signed into Google, and had opted for” personalized advertising. The fact that the exploit also allowed Google’s ads to set tracking cookies, Google says, was a completely unintended side effect.
The situation has drawn massive amounts of attention from users, the media, and even U.S. lawmakers. On Monday representatives Edward J. Markey, Joe Barton, and Cliff Sterns sent a letter to Federal Trade Commission director Jon Leibowitz, asking the agency to investigate whether Google had violated a 2011 consent order concerning Google’s handling of private user data.
Google’s handling of private data has been very much in the news in recent weeks, as the announcement of a new unified privacy policy across all Google’s services created its own storm of controversy. The Electronic Privacy Information Center (EPIC) went so far as to file suit against the FTC in order to compel the agency to block the privacy policy, scheduled to go into effect on March 1. Google responded quickly to the suit, accusing EPIC of being “wrong on the facts and the law.” In fact, as came to light later, Google had already submitted a report to the FTC detailing the new policy’s compliance with the order. The FTC, meanwhile, filed their own response on the same day the Safari news broke. In a motion to dismiss the case, the FTC argued that EPIC had no legal grounds to interfere in the FTC’s enforcement or non-enforcement of consent orders, and that the privacy watchdog’s suit was “baseless.”
Today, EPIC filed a response (PDF) of their own. Their response asserts that EPIC does indeed have the right “to challenge the FTC’s failure to act,” and that “the agency’s failure to act prior to March 1, 2012 would constitute irreparable injury.”
A request for comment was sent to Google this morning concerning the Safari lawsuit. Google responded with the same statement they issued last week when the news originally broke.
