After the states filed two cases against the firm accusing it of having tracked customers’ locations without their express agreement, the IT giant will pay $9.5 million to D.C. and $20 million to Indiana.
“Given the vast level of tracking and surveillance that technology companies can embed into their widely used products, it is only fair that consumers be informed of how important user data, including information about their every move, is gathered, tracked, and utilized by these companies. Significantly, this resolution also provides users with the ability and choice to opt of being tracked, as well as restrict the manner in which user information may be shared with third parties,” said Attorney General Karl A. Racine while announcing that Google will pay $9.5 million. “I am proud of how the exceptional lawyers and professionals in my office have creatively applied the District’s strong consumer protection laws to set the standard nationally and provide users far greater control of their personal information.”
“We sued because Google made it nearly impossible for users to stop their location from being tracked. Now, thanks to this settlement, Google must also make clear to consumers how their location data is collected, stored, and used.” Racine added.
In November, Google agreed to pay $391.5 million to settle with 40 US states for misleading users about the collection of personal location data. The settlement is the largest attorney general-led consumer privacy settlement ever, states the announcement published by DoJ.
“Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information. In addition to the multimillion-dollar settlement, as part of the negotiations with the AGs, Google has agreed to significantly improve its location tracking disclosures and user controls starting in 2023.” reads the DoJ’s press release.
Oregon Attorney General Ellen Rosenblum, who led the settlement along with Nebraska AG Doug Peterson, pointed out that for years Google has prioritized profit over their users’ privacy.
The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”
According to the article, there are two settings responsible for the location data collection, the “Location History” and “Web & App Activity”. The former is “off” by default while the latter is automatically enabled when users set up a Google account, including all Android users.
Location data represent the core of the digital advertising business of the IT giant. However, location data can be used to expose a person’s identity and routines, and even infer personal details.
Google violated state consumer protection laws by misleading consumers about its location tracking practices since at least 2014. Google confused its users about the use of the account and device settings to limit Google’s location tracking.
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- Google Open-Source Vulnerability Scanning Tool - 18 January 2023
- Polymorphic Malware Produced by ChatGPT - 18 January 2023
- Russian Hackers Repurpose Decade-Old Malware Infrastructure to Deploy New Backdoors - 8 January 2023