Reuters: FTC to fine Google $22.5M for violating Safari users’ security settings

Reuters reports that Google will be fined $22.5 million for bypassing Apple Safari browser security settings to track user behavior, allegedly for the purposes of advertising.

Members of the Federal Trade Commission voted to approve a consent decree that will allow Google to settle the agency’s investigation but admit no liability, said one of the sources, who was not authorized to speak on the record.

An official announcement is expected within days, the second source said.

The allegations began in February, when it was discovered that Google and other ad companies were circumventing Apple’s Safari browser security settings to allow access to cookies.

Author Ad Placeholder
Will only appear on redesign env.

According to authors Julia Angwin and Jennifer Valentino-Devries, Google used “special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users.” Google apparently disabled the problematic code after the newspaper contacted the Mountain View, Calif.-based Company.

Stanford researcher Jonathan Mayer discovered that mobile Safari’s default settings block cookies from third parties and advertisers, but Google and advertising companies Media Innovation Group, Vibrant Media, and Gannett PointRoll fooled mobile Safari into thinking “a person was submitting an invisible form to Google.” This let them install a tracking cookie on users’ iPhones and PCs without consent.

Once a cookie installed, a Safari glitch allowed subsequent cookies to attach. Both Google and Apple issued statements following this morning’s report…


Apple told the Journal it is “working to put a stop” to the bypassing of Safari’s privacy settings. Google argued in a written statement to the newspaper that it “used known Safari functionality to provide features that signed-in Google users had enabled,” and it stressed, “These advertising cookies do not collect personal information.” Marketing Land’s Danny Sullivan acknowledged that “Google and many others have figured out ways to get around Apple’s default settings on Safari in iOS,” arguing Apple is partly to blame as the browser “broke with common web practice.”

John Battelle’s Searchblog argued similarly.

As a result, Google could exploit tricks to force advertising-tracking cookies upon iPhone users. Sullivan speculated Apple might have purposefully set default privacy settings in mobile Safari against third-party cookies to defend its own agenda, arguing Apple aims to own iPhone users and control its experience.

Apple, of course, operates its own advertising network built from a $275 million purchase of mobile advertising expert Quatro Wireless in 2010. Following the initial uptake, iAd lost share amid high commitments for mobile campaigns. Apple cut those commitments last February from $1 million to $500,000, then to $300,000 last July, and further down to as little as $100,000 this month. IDC estimated iAd’s 2011 mobile share of United States mobile display-ad revenue is at 15 percent (versus 24 percent for Google’s AdMob and AdSense platforms and 17 percent for mobile advertising company Millennial Media).

Cross-posted on

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel



Avatar for Seth Weintraub Seth Weintraub

Publisher and Editorial Director of the 9to5/Electrek sites.

Seth Weintraub's favorite gear