Google Flouted iPhone Privacy Controls, Report Says
Search giant deployed code that allowed it to track the Web surfing habits of Internet users.
12 Epic Tech Fails of 2011
(click image for larger view and for slideshow)
Google has conceded that it used secret programming code to circumvent the privacy settings of iPhone users who surfed onto its websites, but denied there was anything malicious about the practice.
The company reportedly deployed the code so that it could defeat iPhone technology that's designed to prevent websites from tracking the Web surfing activities of Internet users in order to serve up so-called contextual ads. News about Google's practice was first reported by The Wall Street Journal.
The newspaper said that Google essentially developed a workaround that flouted privacy controls built into Apple's Safari browser, which comes preinstalled on its iPhone, iPad, and iPod Touch mobile devices. Apple said it was "working to put a stop" to Google's circumvention efforts.
Google conceded that it was using special techniques to track Apple users' Web surfing habits, but insisted there was nothing nefarious about its methods.
"The Journal mischaracterizes what happened and why," a spokesperson said in a statement. "We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."
Google's spokesperson said the practice has been in effect since last year and that it tracked only users who voluntarily opted in to see ads that reflected their personal interests.
"Unlike other major browsers, Apple's Safari browser blocks third-party cookies by default. However, Safari enables many Web features for its users that rely on third parties and third-party cookies, such as ‘Like' buttons. Last year, we began using this functionality to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content—such as the ability to ‘+1' things that interest them," the spokesperson said.
Google's anti-privacy methods were first uncovered by Stanford University security researcher Jonathan Mayer. The academic found that 23 of 100 Web sites he tested tracked users' activities when those sites were accessed through Google.
Google's own Chrome browser, as well as Microsoft's Internet Explorer 9, did not appear to be vulnerable to the tracking code due to difference in their default privacy settings, the researcher said.
Word of the controversy could put Google's privacy practices under heightened scrutiny. The company was already drawing heat for privacy changes announced earlier this month. Google said it was implementing technology changes that would allow it to view user activity across all of its major product brands, including Gmail, Google Apps, and Google search.
The EU has asked Google to hold off on implementing the changes until it can further study their impact on consumer privacy.
Nominate your company for the 2012 InformationWeek 500--our 24rd annual ranking of the nation's very best business technology innovators. Deadline is April 27. Organizations with $250 million or more in revenue may apply for the 2012 InformationWeek 500 now.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.