Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Google Location-Tracking Tactics Troubled Its Own Engineers

Google’s own engineers were troubled by the way the company secretly tracked the movements of people who didn’t want to be followed until a 2018 Associated Press investigation uncovered the shadowy surveillance, according to unsealed documents in a consumer fraud case.

Google’s own engineers were troubled by the way the company secretly tracked the movements of people who didn’t want to be followed until a 2018 Associated Press investigation uncovered the shadowy surveillance, according to unsealed documents in a consumer fraud case.

The behind-the-scenes peek stems from a three-month-old lawsuit against Google filed by Arizona’s attorney general. The files, unsealed late last week, reveal that Google knew it had a massive problem on its hands after an AP article published in August 2018 explained how the company continued to track users’ whereabouts even after they had disabled the feature Google called “location history.”

The released documents include internal Google emails and a fresh version of the state’s civil complaint with fewer redactions than the original.

The same day the AP story was published, the company held what one unidentified email correspondent called an “Oh S—-” meeting to discuss its location tracking tools, according to the unsealed records in Arizona’s Maricopa County Superior Court. Google also began monitoring public reaction to the AP story, including how it was trending across Facebook, Twitter and other influential online services, the documents show.

Some of Google’s own engineers scolded the company for misleading people about how its location tracking settings worked. “I agree with the article,” one engineer wrote in a particularly blunt assessment after the AP story was published. “Location off should mean location off, not except for this case or that case.”

Another Google engineer wrote, “Indeed we aren’t very good at explaining this to users.” Another concurred that what the company was doing was “definitely confusing from a user point of view.”

The release of the emails is embarrassing for a company that tries to build trust with billions of users of free services such as maps and online search, which in turn provide the personal information Google can use to target ads. Those ads generated more than $130 billion in revenue last year alone.

Google is still fighting to keep many of the exhibits and key passages in the lawsuit redacted on the grounds that the contents contain confidential information.

Advertisement. Scroll to continue reading.

After the AP article on location tracking came out two years ago, Google made changes to its privacy settings to make it easier for users to conceal their movements.

But the revisions didn’t deter Arizona Attorney General Mark Brnovich from opening an investigation that culminated in his suing Google three months ago. The complaint accuses Google of engaging in deceptive business practices that duped Arizona consumers, and could potentially result in billions of dollars of penalties if Brnovich prevails.

“The recently unsealed documents reveal statements from Google’s own engineers that are in conflict with what the company has been representing to the public,” Brnovich said in a Wednesday statement.

Google is seeking to dismiss the lawsuit, arguing that the Arizona law only applies to goods and services that charge consumers. That would exclude free services that draw upon the tracking tools that are at the heart of the lawsuit.

The company also contends that Brnovich, a Republican, may have been prodded to pursue the investigation by Oracle, which has been involved in a long-running legal battle over the rights to some of the software code used in Google’s Android software for smartphones and other mobile devices.

“Privacy controls have long been built into our services and our teams work continuously to discuss and improve them,” Google spokesperson Jose Castaneda said Wednesday. “In the case of location information, we’ve heard feedback, and have worked hard to improve our privacy controls.”

RelatedGoogle Tracks Your Movements, Like It or Not

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...