SAN FRANCISCO – The Federal Trade Commission’s proposed $22.5 million settlement with Google for hacking past privacy settings on Apple’s Safari browser fails to include a permanent injunction against violating its “Buzz” Consent Decree with the Commission, one of three reasons it be should be rejected, Consumer Watchdog said today.
The failure to include the injunction in the proposed settlement is particularly noteworthy because the FTC complaint filed with the proposed settlement asks for one, Consumer Watchdog said.
“Without an injunction, the FTC has very little leverage to assure Google’s future compliance with the Buzz decree,” the nonpartisan, nonprofit group said in court papers filed late Friday afternoon. “The failure to seek an injunction also limits the FTC’s flexibility with regard to civil monetary penalties in the future… Simply put, the absence of a permanent injunction gives Google little reason to take the Buzz decree seriously.”
Judge U.S. District Court Judge Susan Illston last month granted Consumer Watchdog amicus curiae status to oppose the settlement. Attorneys Gary Reback and Robert J. Yorio of the law firm Carr & Ferrell represent Consumer Watchdog.
In addition to failing to include a permanent injunction the settlement should not be approved because the amount of the penalty is too small and it allows Google to explicitly deny wrongdoing, Consumer Watchdog’s brief said.
Consumer Watchdog’s legal brief also outlined how over the past two years government efforts to make Google respect the privacy of Internet users have largely been ineffective.
The FTC has charged that Google violated the "Buzz Consent Agreement" when Google claimed it was honoring privacy settings on iPads, iPhones and other devices using the Safari browser but in fact it was circumventing them.
“At issue in this case is whether this Court will lend its imprimatur to a settlement proposal so markedly deficient that it fails to meet the relevant legal standards of ‘adequacy’ and furthering ‘the public interest.’ The proposed settlement fails on three distinct grounds,” said Consumer Watchdog’s brief.
Read a copy of Consumer Watchdog’s brief here: http://www.consumerwatchdog.org/resources/consumerwatchdogftcgoog092112.pdf
"Google executives want to buy their way out of trouble with what for them is pocket change and then deny doing anything wrong. The day the proposed settlement was announced the value of Google outstanding stock increased more than the fine, " said John M. Simpson, Consumer Watchdog's Privacy Project director. “As our brief makes clear, Google has demonstrated an ability to out maneuver government regulators repeatedly and ride roughshod over the privacy rights of consumers. Google continues to be disingenuous about its practices.”
The brief argues:
“Given Google’s history of failing to either respect the privacy of its users or even to comply with its prior privacy undertakings, and, given the Commission’s repeatedly ineffectual attempts to secure compliance, what facts and what plausible reasoning based on those facts justify the Commission’s decision, even under a deferential judicial standard?
“The record now before this Court fails to provide any basis on which the Court might evaluate the Commission’s rationale, much less defer to it. And, given the glaring deficiencies – deficiencies that squarely undermine the Commission’s stated rationale, we submit that the Commission cannot make the requisite showing under the appropriate legal standard to justify entry of the proposed order.”
The brief’s Statement of Facts reviewed four areas of privacy concerns about Google:
-- Wi-Spy: In the Wi-Spy scandal (2010), Google repeatedly said it did not copy confidential data, but government investigations in Europe proved this false. Yet the FTC took no action and closed its superficial investigation based on Google’s representations of modest changes in Google’s privacy practices.
-- Combining Personal Information: In 2012, Google announced that it was combining users’ personal information from all of its services to better track users online. European countries initiated investigations, many of which are still open today. But the FTC did nothing.
-- Safari Hacking: Now the FTC proposes to settle Google’s latest privacy transgression when it hacked around privacy settings on the iPhone, iPad and other devices that use the Safari browser. Google violated the promises it made to settle the Buzz fiasco, but the FTC only proposes a fine that amounts to less than one one-thousandth of Google’s revenue from advertising fees. Even the FTC’s formal statement indicates that the size of the penalty “can be dismissed as insufficient.”
The following are two key arguments from the brief:
The Proposed Order Fails to Include a Sufficient Civil Penalty
“…[I]n response to criticism that the $22.5 million penalty constituted an ineffective deterrent, the FTC staff (in its Facebook chat) claimed that the risk of bad publicity would deter Google from future violations, even if the paltry fine did not. ‘Deterrence is based on more than money alone,’ stated the staff. ‘Google is paying with black eyes as well as greenbacks.’ We can scarcely imagine how a company that showed little shame at facilitating the illegal importation of drugs would be deterred at the prospect of bad publicity from violating an FTC privacy order. At bottom, then, the Commission offers no rational basis to permit this Court to conclude that the size of its fine here or the prospect of future fines achieves either the purpose of § 45(l) or the Commission’s stated purpose in this case.”
The Proposed Order Is Deficient in Including a Denial of Liability.
“Because the FTC permitted Google to deny the allegations of the FTC complaint, Google put its own ‘spin’ on the facts – both initially at the time of the Wall Street Journal story and thereafter, when the settlement was announced. Google’s spin created considerable confusion in the public over what the company actually did, who was at fault, whether the conduct really violated the Buzz decree, and what the effect of the conduct was on consumers. As a consequence, consumers lack important information they should have gotten from this case to make informed choices regarding online conduct. A decree that results in consumer confusion and produces the strong possibility if not the likelihood of consumer injury cannot possibly meet the public interest standard.”
Consumer Watchdog had filed a complaint in February about Google violating the "Buzz Consent Agreement" with the FTC after it was revealed how Google was circumventing privacy settings on Apple's Safari browser.
"Google hacked past a key privacy setting on iPhones and iPads and other devices using Apple's Safari browser, placed tracking cookies on them and then lied, saying the settings were still effective," said Simpson. "Clearly it violated its agreement with the Commission. The FTC must hold Google executives accountable for their unlawful actions and not let them make a mockery of the agency."
- 30 -