Google Hit with Largest FTC Penalty Ever

On Friday, November 16, 2012, US District Judge Susan Illston approved a $22.5 million fine to penalize Google for an alleged privacy breach. While this is the heftiest Federal Trade Commission penalty ever, this is still nowhere close to a consumer-rights group’s plea for more stringent punishment.

Judge Illston made this ground-breaking ruling a few hours after a hearing in San Francisco for final arguments regarding this important finding. This ruling comes three months after a settlement between the FTC and Google Inc.


Back in August 2012, Google had agreed to pay the record-setting fine to settle FTC charges that it misrepresented to users of Apple Inc.’s Safari Internet browser that it would not place tracking cookies, or serve targeted ads to those users. This was in clear violation of an earlier privacy settlement between the company and the FTC.

This stemmed from allegations that the high-profile company had duped millions of Safari users into believing their online activities couldn’t be tracked by the company as long as they didn’t change their browser’s privacy settings. Google even posted an assurance on their help page earlier in 2012, even while it was inserting computer coding that essentially bypassed Safari’s automatic settings and enabled the company to peer into the online lives of their users.

Jonathan Mayer is the Stanford University student who first brought attention to these practices. Mayer said, “Google was setting cookies in Safari web browsers associated with their advertising service, “Double Click.” And they’d made a representation on their website that, if you were a Safari user, you wouldn’t be tracked by Google. So they breached that representation.” It was ultimately Mayer’s work that led to the FTC’s imposition of the fine.

According to Jon Leibowitz, Chairman of the FTC,

“The record setting penalty in this matter sends a clear message to all companies under an FTC privacy order. No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place.”

Regulatory Shortcomings

The FTC determined that the contradiction between Google’s covert tracking and its claims to respect and protect user privacy was quite evident. In response, the company promised not to mislead its users by posting untrue privacy practices.

Consumer Watchdog, a consumer-rights group criticized this as an example of ineffectual privacy regulation. It also pointed out complaints that Google has been stifling the competition and raising online ad prices, through showcasing its own services via its search engine. According to Consumer Watchdog attorney Gary Reback, the group is hoping to pressure the FTC to take Google to court in the antitrust investigation instead of negotiating consent decrees and other types of settlements, as it did for the Safari privacy issue.


This article follows up on Google’s Safari tracking cookie violation, which led to an FTC fine of $22.5 million. This is currently the largest fine imposed upon a privacy breach of this kind. Back in August 2012, the FTC charged Google with placing advertising tracking cookies on consumers’ computers, circumventing the Safari browser’s default cookie-blocking setting. The company was roundly criticized for exploiting an exception to the browser’s default setting and misrepresenting its privacy practices to users.

CIPP Exam Preparation

In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam,  a privacy professional should be comfortable with topics related to this post, including:

  • Consistency of policy and practice (I.G.c.)
  • Privacy expectations – organizational practices (II.A.b.)

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>