We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Liberties Groups Rap Google's Skirting of Safari's Privacy Protections

Accident or not, Google's actions regarding cookies and Apple's browser are 'severely disappointing," privacy experts say.

Google's recent gaming of the privacy settings on Apple's Safari browser is "unacceptable" behavior and further proof of the need of a "Do Not Track" feature in web-surfing software, according to privacy experts.

"Technological workarounds to evade browser privacy settings are unacceptable," says Justin Brookman, director of consumer privacy for the Center for Democracy & Technology (CDT) in Washington, D.C. in a statement.

The workaround referred to by Brookman was used by Google and others to alter the default settings in the Safari browser. Those settings prevent third-parties from planting cookies on your PC that track your surfing habits.

Privacy Invasion Inadvertent, Google SaysGoogle explained in a statement that the circumvention of Safari's privacy settings was done inadvertently when it created a way for Safari users who sign into Google to use third-party features, such "+1," that would be blocked by the default setting. That action, though, enabled tracking cookies to be activated on the browser.

"We didn't anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers," Google's Senior Vice President for Communications and Public Policy Rachel Whetstone said in a statement.

"It's important to stress that, just as on other browsers, these advertising cookies do not collect personal information," she added.

Google Actions 'Severely Disappointing'

Accident or not, Google's actions were "severely disappointing," maintained the CDT's Brookman. "While we take Google's assertion at face value that it was not its intent to track users in this way, we are perplexed how this decision evaded Google's internal design and review process," he said.

The incident wouldn't have happened if Google had began to recognize the need for "Do Not Track" technology on its servers and software, argues Peter Eckersley, Rainey Reitman, and Lee Tien in an essay posted at the website of the Electronic Frontier Foundation (EFF).

"It's time for Google to acknowledge that it can do a better job of respecting the privacy of Web users," they wrote.

The essay continues: "One way that Google can prove itself as a good actor in the online privacy debate is by providing meaningful ways for users to limit what data Google collects about them. Specifically, it's time that Google's third-party web servers start respecting Do Not Track requests, and time for Google to offer a built-in Do Not Track option."

Do Not Track and Google

Although Do Not Track is intended to counter third-party snooping on web users, its effectiveness is muted without the cooperation of big players like Google. "Google refuses to add support for DNT [Do Not Track] to its Chrome browser, and ignores it when it has been set by users of other browsers," Christopher Soghoian, a graduate fellow at the Center for Applied Cybersecurity Research in Washington, D.C. tells PCWorld.

"The problem is not the absence of DNT," added Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC) in Washington, D.C. "That was built-in to the Safari browser. The problem is Google's blatant disregard for user privacy settings."

Google is currently under a consent order with the Federal Trade Commission (FTC) to protect the privacy interests of its users. In a letter [PDF] sent to the FTC on Friday, EPIC contends that Google's Safari snafu violates that agreement and has called on the agency to take enforcement action against Google.

This latest assault on consumer privacy should not be taken lightly, declares Soghoian.

"The public should be concerned about this, because it shows that advertising companies, like Google, are willing to go to any lengths necessary to track us," Soghoian says. "If that means circumventing privacy controls and exploiting loopholes in the privacy mechanisms built into browsers, so be it."

"This particular bug will no doubt be fixed by Apple, but the arms race--in which ad networks engineer around user privacy control--will continue," he warns, "at least until regulators and legislators put an end to these shameful business practices."

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

IDG UK Sites

Best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more this...

IDG UK Sites

Tech trends 2015: 3D printing grows up

IDG UK Sites

10 mind-blowing Oculus Rift experiments that reveal VR's practical potential

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & other Black Friday tech offers