Data Privacy Knowledge

FTC Levies Record $22.5 Million Fine Against Google

FTC has a leading role in the pursuit of privacy regulations

by R. Olschewski

The USA is assuming a leading role in the pursuit of regulations on data privacy and is sanctioning violations against the rules on consumer protection in a manner that is much harder than is usually seen on the European front. As such, companies should take heed before they enter the U.S. market with products critical to data protection legislation.

At the beginning of 2012, scientists in the USA published work stating that Google was spying on users of the Apple browser Safari. The accusation was that a protective mechanism in the Safari browser designed by Apple had been bypassed. By making use of so-called tracking cookies, it was apparently possible to spy on the browsing habits of users. This practice had since been discontinued.
Nevertheless, the company is now being required to pay a fine of 22.5 million USD (app. 18.3 million EUR).

The company has now approved a corresponding settlement with the US regulatory authority, the Federal Trade Commission (FTC). This is the highest fine that the FTC has ever imposed. Decisive for the amount of the fine levied was most particularly misinformation that was located on the search engine provider’s service page.

There, customers were falsely informed that they did not need to take any further action to prevent the recording of their activities. As such, the company violated a particular prior agreement it had signed with the FTC in which risks were to be pointed out to customers in a clear and unambiguous manner.

What is particularly interesting is that this charge of spying on data by bypassing the browser’s protection mechanisms has not yet generated any noticeable response from various regulatory authorities in Europe, especially in Germany. It is nonetheless reasonable to fear that these cookies could very well have also affected German users.

Also worth questioning is why comparable agreements between regulatory authorities and global companies with problematic data protection issues are still something of a rarity in Europe.

For Google, even the sum of this fine is still manageable when compared to the approximately 500 million USD it was required to pay on charges of illegal advertising of pharmaceuticals as part of the agreement it signed with the US Department of Justice in 2011.

Additional information:


Similar Blog Posts

Children's Data Protection Children's Data Protection

California is safeguarding children's online information from exploitation by corporations by introducing the Age Appropriate Design Code Act requesting a Privacy Impact Assessment.

Information Needed For Companies for the Whistleblower Directive Information Needed For Companies for the Whistleblower Directive

Initially, the EU Whistleblower Directive was supposed to be effective by December 17, 2021. However, the legislative process failed.

Right of Access by the Data Subject Right of Access by the Data Subject

The right of access, enshrined in Art. 15 of the GDPR, gives data subjects the right to obtain from the controller.


Blog Categories