Court Approves FTC's $22.5 Million Penalty Against Google for Alleged User Tracking

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

A federal district court Nov. 16 approved a $22.5 million civil penalty against Google Inc. to settle Federal Trade Commission claims that the internet giant overrode the privacy settings of users of Apple Inc.'s Safari web browser and secretly tracked them (United States v. Google Inc., N.D. Cal., No. 3:12-cv-04177-SI, settlement approved 11/16/12).

The U.S. District Court for the Northern District of California disagreed with the objections by public interest group Consumer Watchdog to the proposed consent order, finding the order's terms “procedurally and substantively fair, adequate, and reasonable.”

The proposed order, filed with the court Aug. 8, also required Google to disable tracking cookies it placed on the computers of Safari users until Feb. 15, 2014, and report to the FTC 20 days later explaining how it is in compliance with the proposed order (154 PRA, 8/10/12).

The $22.5 million fine is the largest imposed by the FTC on a company for violating an existing agency consent order, the commission said at the time.

The FTC's complaint alleged that Google violated an October 2011 final administrative consent agreement with the FTC that resolved charges that Google used deceptive tactics and violated its own privacy promises with its now-defunct Buzz social network (208 PRA, 10/27/11).

Group Objects to Substantive Fairness.

Amicus curiae Consumer Watchdog, based in Santa Monica, Calif. and Washington, objected to the proposed order on three grounds. The group “attacks the substantive fairness of the Proposed Order, arguing that the injunction is inadequate, the civil penalty is too small, and that Google should be forced to admit liability[,]” the court explained.

Although the group contended that $22.5 million is a de minimis amount of Google's advertising revenues and pointed out that the statutory maximum fine is $16,000 per violation, the court found the penalty sufficient. In addition to being the largest fine imposed on a company for violating a FTC consent order, the court said, “the complaint never alleged that consumers suffered any monetary harm or that Safari cookies yielded significant revenues for Google.”

Finding the injunction adequate, the court sought to allay Consumer Watchdog's concern that Google would continue to profit from the information it collected from Safari users. Both the FTC and Google explained that it was unlikely that Google would use that information because it is already old, and the company has anonymized the internet protocol addresses, the court explained.

“More generally, the FTC considered and rejected many more stringent injunctions because the risk that they would hamper Google's ability to protect consumers from data security and malware vulnerabilities outweighed the benefits to the public[,]” the court added.

Nor was an admission of liability by Google necessary, the court concluded, noting that district courts within the Ninth Circuit had upheld agreements without any such admissions of wrongdoing.

Adrienne E. Fowler of the Department of Justice, in Washington, and Robin L. Moore and Megan A. Bartley of the FTC, in Washington, represented the plaintiff. Leo P. Cunningham and David H. Kramer of Wilson Sonsini Goodrich & Rosati, in Palo Alto, Calif. represented Google. Gary L. Reback and Robert J. Yorio of Carr & Ferrell LLP, in Menlo Park, Calif., represented Consumer Watchdog.

Full text of the court's opinion is available at

The proposed consent judgment is available at

Full text of Consumer Watchdog's amicus curiae memorandum is available at

Request Bloomberg Law: Privacy & Data Security