Nov. 18, 2013 6:53 PM EST—
SAN FRANCISCO (AP) — Google is paying $17 million to 37 states and the District of Columbia to make amends for the Internet search leader's snooping on millions of people using Safari Web browsers in 2011 and 2012.
The settlement announced Monday stems from a technological loophole that enabled Google's DoubleClick advertising network to shadow unwitting Safari users, even though the browser's maker, Apple Inc., prohibited the tracking without obtaining a person's permission. By following what Safari users were doing online, DoubleClick could gain more insights about what types of ads were most likely to appeal to different Safari users.
We're getting rid of over 60 different privacy policies across Google and replacing them with one that's a lot shorter and easier to read. Our new policy covers multiple products and features, reflecting our desire to create one beautifully simple and intuitive experience across Google.
We've got answers.
We've got answers.
Visit our FAQ at http://www.google.com/policies/faq to read more about the changes. (We figured our users might have a question or twenty-two.)
Published: October 30, 2013
Over two dozen privacy laws have passed this year in more than 10 states, in places as different as Oklahoma and California.
For Internet companies, the patchwork of rules across the country means keeping a close eye on evolving laws to avoid overstepping.
For companies, it helps that state measures are limited in their scope by a federal law that prevents states from interfering with interstate commerce.
Some of the bills extend to surveillance beyond the web. Eight states, for example, have passed laws this year limiting the use of drones, according to the American Civil Liberties Union, which has advocated such privacy laws. In Florida, a lawmaker has drafted a bill that would prohibit schools from collecting biometric data to verify who gets free lunches and who gets off at which bus stop. Vermont has limited the use of data collected by license plate readers, which are used mostly by police to record images of license plates.
California, long a pioneer on digital privacy laws, has passed three online privacy bills this year. One gives children the right to erase social media posts, another makes it a misdemeanor to publish identifiable nude pictures online without the subject’s permission, and a third requires companies to tell consumers whether they abide by “do not track” signals on web browsers.
But stiff lobbying efforts were able to stop a so-called right to know bill proposed in California this year that stood to hurt the online industry. The bill would have required any business that “retains a customer’s personal information” to share a copy of that information at the customer’s request, as well as disclose which third parties have received the information. The practice of sharing customer data is central to digital advertising and to the large Internet companies that rely on advertising revenue.
“ ‘Right to know’ is an example of something that’s not workable,” said Jim Halpert, a lawyer with the national firm DLA Piper, who leads an industry coalition that includes Amazon, Facebook and Verizon. “It covers such a broad range of disclosures. We advocated against it.”
According to a survey conducted in July by the Pew Internet Center, most Americans said they believed that existing laws were inadequate to protect their privacy online, and a clear majority reported making great efforts to mask their identities online. Some of those surveyed said they cleared browsing histories, deleted social media posts or used virtual networks to conceal their Internet Protocol addresses — and a few even said they used encryption tools.
Many states have already responded to those opinions. In the last couple of years, about 10 states have passed laws restricting employers from demanding access to their employees’ social media accounts.
California set the stage on digital privacy 10 years ago with a law that required organizations, whether public or private, to inform consumers if their personal data had been breached or stolen. Several states followed, and today, nearly every state has a data breach notification law.