Attorney General Peter F. Kilmartin announced today that his Office, along with the Attorneys General of 36 other States and the District of Columbia, entered into a settlement with Google Inc. concerning its setting of cookies on certain Safari Web browsers during 2011 and 2012. Under the terms of the settlement, Google will pay the participating states $17 million, with Rhode Island receiving approximately $230,000 from the settlement.
Google had been offering consumers the ability to opt out of having third-party advertising cookies set on their browsers through installing an advertising cookie opt-out plug-in. On its Web page describing that advertising cookie opt-out plug-in, Google represented to consumers using Apple's Safari Web browser ("Safari users") that "Safari is set by default to block all third-party cookies. If you have not changed those settings, this option effectively accomplishes the same thing as setting the opt-out cookie." This statement was misleading to Safari users because it suggested that they would not receive third-party cookies, although subsequent to the inclusion of this statement, Google took active steps to circumvent Safari's default settings for the purpose of setting third-party cookies. By circumventing Safari's default settings, Google placed cookies on the computers of Safari users without the consumers' knowledge or consent.
"Google has the ability to track our online purchases and page views, allowing third parties to target content to specific consumers based on perceived interest and buying habits," said Attorney General Kilmartin. "Consumers should feel confident that if they 'opt out' of these types of functions, they are truly opting out and limiting their exposure to who has access to their web history."
Google operates the most popular search engine on the Internet. Use of the search engine is free, so Google generates revenue primarily through advertising. Through its DoubleClick advertising platform, Google sets third-party cookies—small files set in consumers' Web browsers—that enable it to gather information about those consumers, including, depending on the type of cookie, their Web surfing habits. Apple's Safari Web browser is set by default to block third-party cookies, including cookies set by DoubleClick to track a consumer's browsing history. From June 1, 2011 until February 15, 2012, Google altered its DoubleClick coding to circumvent those default privacy settings on Safari, without consumers' knowledge or consent, enabling it to set DoubleClick cookies on consumers' Safari Web browsers. Google disabled this coding method in February 2012 after the practice was widely reported on the Internet and in media.
The Attorneys General allege that Google's circumvention of the default privacy settings in Safari for blocking third-party cookies violates State consumer protection and related computer privacy laws. The States claim that Google failed to inform Safari users that it was circumventing their privacy settings and that Google's earlier representation that third-party cookies were blocked for Safari users was misleading. In addition to the monetary payment, the parties have also agreed to injunctive relief that requires Google to do the following:
Not deploy the type of code used here to override a browser's cookie blocking settings without the consumer's consent unless it is necessary to do so in order to detect, prevent or otherwise address fraud, security or technical issues.
Not misrepresent or omit material information to consumers about how they can use any particular Google product, service, or tool to directly manage how Google serves advertisements to their Browsers.
Improve the information it provides to consumers regarding cookies, their purposes, and how they can be managed by consumers using Google's products or services and tools.
Maintain systems designed to ensure the expiration of the third-party cookies set on Safari Web browsers while their default settings had been circumvented.