Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

40 States Settle Google Location-Tracking Charges for $392M

Search giant Google has agreed to a $391.5 million settlement with 40 states to resolve an investigation into how the company tracked users’ locations, state attorneys general announced Monday.

Search giant Google has agreed to a $391.5 million settlement with 40 states to resolve an investigation into how the company tracked users’ locations, state attorneys general announced Monday.

The states’ investigation was sparked by a 2018 Associated Press story, which found that Google continued to track people’s location data even after they opted out of such tracking by disabling a feature the company called “location history.”

The attorneys general called the settlement a historic win for consumers, and the largest multistate settlement in U.S history dealing with privacy.

It comes at a time of mounting unease over privacy and surveillance by tech companies that has drawn growing outrage from politicians and scrutiny by regulators. The Supreme Court’s ruling in June ending the constitutional protections for abortion raised potential privacy concerns for women seeking the procedure or related information online.

{ Read: Google Tracks Your Movements, Like It or Not }

“This $391.5 million settlement is a historic win for consumers in an era of increasing reliance on technology,” Connecticut Attorney General William Tong said in a statement. “Location data is among the most sensitive and valuable personal information Google collects, and there are so many reasons why a consumer may opt-out of tracking.”

Google, based in Mountain View, California, said it fixed the problems several years ago.

“Consistent with improvements we’ve made in recent years, we have settled this investigation, which was based on outdated product policies that we changed years ago,” company spokesperson Jose Castaneda said in a statement.

Advertisement. Scroll to continue reading.

Location tracking can help tech companies sell digital ads to marketers looking to connect with consumers within their vicinity. It’s another tool in a data-gathering toolkit that generates more than $200 billion in annual ad revenue for Google, accounting for most of the profits pouring into the coffers of its corporate parent, Alphabet — which has a market value of $1.2 trillion.

In its 2018 story, The AP reported that many Google services on Android devices and iPhones store users’ location data even if they’ve used a privacy setting that says it will prevent Google from doing so. Computer-science researchers at Princeton confirmed these findings at the AP’s request.

Storing such data carries privacy risks and has been used by police to determine the location of suspects.

The AP reported that the privacy issue with location tracking affected some 2 billion users of devices that run Google’s Android operating software and hundreds of millions of worldwide iPhone users who rely on Google for maps or search.

The attorneys general who investigated Google said a key part of the company’s digital advertising business is location data, which they called the most sensitive and valuable personal data the company collects. Even a small amount of location data can reveal a person’s identity and routines, they said.

Google uses the location information to target consumers with ads by its customers, the state officials said.

The attorneys general said Google misled users about its location tracking practices since at least 2014, violating state consumer protection laws.

As part of the settlement, Google also agreed to make those practices more transparent to users. That includes showing them more information when they turn location account settings on and off and keeping a webpage that gives users information about the data Google collects.

The shadowy surveillance brought to light by The AP troubled even some Google engineers, who recognized the company might be confronting a massive legal headache after the story was published, according to internal documents that have subsequently surfaced in consumer-fraud lawsuits.

{ Read: Google Location-Tracking Tactics Troubled Its Own Engineers }

Arizona Attorney General Mark Brnovich filed the first state action against Google in May 2020, alleging that the company had defrauded its users by misleading them into believing they could keep their whereabouts private by turning off location tracking in the settings of their software.

Arizona settled its case with Google for $85 million last month, but by then attorneys general in several other states and the District of Columbia had also pounced on the company with their own lawsuits seeking to hold Google accountable for its alleged deception.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...