Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Courts Google Privacy Safari United Kingdom

Google Loses Ruling In Safari Tracking Case 56

mpicpp sends this report from CNET: The floodgates are now open for UK users to sue Google over privacy violations tied to tracking cookies. In a landmark ruling, the UK's Court of Appeal has dismissed Google's request to prevent British Web users from suing the company over tracking cookies and privacy violations. The decision was announced Friday, according to the BBC. In spite of default privacy settings and user preferences — including an opt-out of consent to be tracked by cookies — Google's tracking cookies gathered information on Safari browser users for nine months in 2011 and 2012.
This discussion has been archived. No new comments can be posted.

Google Loses Ruling In Safari Tracking Case

Comments Filter:
  • by gurps_npc ( 621217 ) on Friday March 27, 2015 @03:32PM (#49357413) Homepage
    They had the gall to say their illegal invasion of privacy was OK because their was no financial harm?

    By that logic, some freak could put a camera in their shower - or worse their KID'S shower and not get punished.

    Yes, I know that much of the Internet based business hates privacy and tries to pretend it doesn't exist, but that is the enitre reason why we put those laws in place.

    • If people opted out and were still tracked, that's fair game for suing.

      Now what's the damages? A government trying to duplicate Chrome + Google search engine could not do so, and you'd probably have been taxed a hundred pounds per taxpayer in a failed attempt to do so.

      So I'd offer to settle to keep allowing you to use Chrome and Google for free, or get the hell off and go to IE and Bing.

      • If people opted out and were still tracked, that's fair game for suing.

        Now what's the damages? A government trying to duplicate Chrome + Google search engine could not do so, and you'd probably have been taxed a hundred pounds per taxpayer in a failed attempt to do so.

        So I'd offer to settle to keep allowing you to use Chrome and Google for free, or get the hell off and go to IE and Bing.

        Spoken like a true "Glad to be surveilled" Brit.

    • by Anonymous Coward
      You seem to be unaware this is a civil case. In a civil lawsuit, you sue for damages. The examples you gave are criminal actions. People can go to jail for violating criminal laws even if no one was harmed at all. That distinction is fundamental to Western legal systems and you really should learn the basics some time.
  • On what grounds could one sue? I imagine it would be quite hard to prove real damages with a price-tag attached.

    Also, we don't have class-action lawsuits in the UK.

    Also, the new BBC News design looks truly awful on Firefox+NoScript on desktop. Not an improvement, BBC.

    • by Lunix Nutcase ( 1092239 ) on Friday March 27, 2015 @03:58PM (#49357617)

      On what grounds could one sue?

      Probably under data privacy laws.

      I imagine it would be quite hard to prove real damages with a price-tag attached.

      They don't need to show financial hardship:

      Google argued the point was moot because consumers suffered no financial hardship due to the practice. The UK's Court of Appeal disagreed. According to the court's judgment:

      "These claims raise serious issues which merit a trial. They concern what is alleged to have been the secret and blanket tracking and collation of information, often of an extremely private nature [...] about and associated with the claimants' Internet use, and the subsequent use of that information for about nine months. The case relates to the anxiety and distress this intrusion upon autonomy has caused."

      • by Anonymous Coward

        he case relates to the anxiety and distress this intrusion upon autonomy has caused."

        Autonomy? This in a nation with CCTV cameras every 10 yards or so...

        • he case relates to the anxiety and distress this intrusion upon autonomy has caused."

          Autonomy? This in a nation with CCTV cameras every 10 yards or so...

          I know; I thought that was funny, too.

          But maybe the British Courts are swinging the pendulum the other way, now...

    • by Merk42 ( 1906718 )

      Also, the new BBC News design looks truly awful on Firefox+NoScript on desktop. Not an improvement, BBC.

      Seems to work surprisingly well for no JavaScript.

    • by Anonymous Coward
      Privacy law are quite stronger in EU. The fact that the privacy was breached *IS* the damage. there is no need to prove damage beyond the breach.
      • However, we don't normally award punitive damages in civil cases here in the UK, so even if there is a definitive judgement at some stage that Google was invading privacy and failing to protect personal data, it seems unlikely they will suffer more than a token slap on the wrist from a privacy regulator provided that they cease and desist (as it appears they already have). Unfortunately, civil trials here are not very effective at recognising damage that comes in forms other than actual financial loss and d

    • On what grounds could one sue? I imagine it would be quite hard to prove real damages with a price-tag attached.

      Also, we don't have class-action lawsuits in the UK.

      Perhaps "Breach of Contract"? I am SURE, even without looking, that, buried deep down on Google's site, is some document that starts "By using this service, you agree to the following terms and conditions..."

      You don't have Class Actions in the UK? How telling...

      • Perhaps "Breach of Contract"? I am SURE, even without looking, that, buried deep down on Google's site, is some document that starts "By using this service, you agree to the following terms and conditions..."

        Honestly, it doesn't matter WTF is in Google's ToS if those terms violate the local law.

        Google can whine and bitch all they want, but you can't embed something illegal into a contract.

        The UK privacy laws always trump Google, no matter what Google wants to claim. Especially since Google has localized ve

      • You don't have Class Actions in the UK? How telling...

        It's not so simple. The following is an amateur explanation of how things work. Perhaps someone can explain it better?

        The UK has loser pays on legal fees. Once one person wins a lawsuit on a common basis, others can expect to win also. If the company lost those cases in court (as would now be very likely), the company would be liable for both sides' legal bills in lots of individual cases. So, after losing one representative case in what would be cl

        • You don't have Class Actions in the UK? How telling...

          It's not so simple. The following is an amateur explanation of how things work. Perhaps someone can explain it better? The UK has loser pays on legal fees. Once one person wins a lawsuit on a common basis, others can expect to win also. If the company lost those cases in court (as would now be very likely), the company would be liable for both sides' legal bills in lots of individual cases. So, after losing one representative case in what would be class action in the USA, a defendant has a very strong incentive to settle the others. People who would be in a class in the USA can band together to fund the initial representative case.

          Thanks for the explanation, that does help.

          But I still don't like the "Loser Pays" rule, when there is a big difference between the resources of an individual trying to sue a well-heeled company (let alone the government) with the sheer legal might to run roughshod over almost any arguments or experts the lowly individual might bring to the bar. But that's a discussion for another time.

  • by Anonymous Coward on Friday March 27, 2015 @03:55PM (#49357597)

    Google started in the gutter as a fucking AD AGENCY, and they went downhill to selling every detail of your private life they can get their grubby hands on.

    Their fundamental business is to wring every last bit of privacy from you and SELL IT.

    Don't tell me you EVER thought "Don't be evil" was anything other than a marketing slogan concocted by - get this - an ad agency.

  • Wrong target (Score:4, Interesting)

    by Martin S. ( 98249 ) on Friday March 27, 2015 @04:03PM (#49357659) Journal

    This problem was caused by a bug in Safari that ignored the no tracking setting and accepted and returned the cookies. This court case is just absurd. The target should be Apple not Google.

    • Re:Wrong target (Score:4, Insightful)

      by Anonymous Coward on Friday March 27, 2015 @04:18PM (#49357767)

      Except Google went out of their way to exploit this bug to so they could use their cookie to further their business goals. This was no ‘accidental’ situation where they happened to get cookies, they adjusted their code to trigger the bug.

    • by Anonymous Coward

      There's something to this. AFAIK, the conversation between browser and server went like:

      Goog: Hey, I got this cookie here. Store it for me?
      Browser: Sure, send it on over!
      Goog: OK! Give it back later. Cool?
      Browser: Cool.

      Information wants to be free. You can't very well blame google for remembering information you sent them. This reminds me of people who post shit on Facebook for everybody to see, then get upset when later on, somebody sees it. You don't want that to happen, then don't post it! Same

      • Information wants to be free.

        Information is inanimate and doesn't want anything. If you believe otherwise feel free to post your banking information and medical history because apparently that wants to be free as well.

        Please, won't you think of the information?

    • Why not both? Apple should be held accountable for their software ignoring the flags set by the user (if that's actually the case, and I'll get to that later), but Google should be held accountable for exploiting a weakness in someone else's systems.

      If I were to exploit a bug for profit, I'd get to look forward to federal PMITA prison. When large corporate conglomerates do the same thing, they get to laugh about how they didn't cause anyone financial losses, so they should get away scot-free.

      That being sa

    • Yeah, let's go with that logic next time a major healthcare website is hacked and your private data is suddenly plastered everywhere.

      Or, let's realise there is no restriction on how much blame there is to go round, and we blame Apple for having bugs in their software, and we blame Google for going out of their way to exploit a bug in Apples software.

      Google deserves to be slapped down for this.

    • Re: (Score:3, Insightful)

      by BadgerRush ( 2648589 )

      You are terribly misinformed about what the "no tracking" flag means. It is not a setting meant to change how the browser stores information or behaves, and it is definitely not some equivalent of a "disable cookies" setting. Instead the no tracking flag is meant to be sent on a HTTP header as a way to inform the server that the user doesn't wan't to be tracked, it is a way for users inform the server that they are actively opting-out of any and all tracking.

      So there was no bug in Safari, browsers with no t

      • Re:Wrong target (Score:4, Informative)

        by _merlin ( 160982 ) on Friday March 27, 2015 @06:40PM (#49358499) Homepage Journal

        No, you're describing the "do not track" header, and that's not what this is about. This is about circumventing the "accept 3rd-party cookies" setting. Google used a nasty piece of JavaScript to simulate a user form submission so they could store a cookie that would otherwise be rejected.

      • by Anonymous Coward

        You're wrong that there was no bug:
        Greenhalgh says that Apple’s Safari web browser is especially vulnerable to the exploit. While clearing cookies on Mozilla’s Firefox, Google Chrome, or Opera also erases HSTS flags, deleting the super cookies, there’s no way to do so on Safari on iOS devices.

        Read more: http://www.businessinsider.com/super-cookies-hsts-security-private-2015-1#ixzz3VgIBUc8H

        and you're wrong how the do not track header functions:
        There are no legal or technological requirement

    • This problem was caused by a bug in Safari that ignored the no tracking setting and accepted and returned the cookies. This court case is just absurd. The target should be Apple not Google.

      Haters gotta hate, don't they?

    • The target should be Apple not Google.

      That's a stupendous way to end software development overnight. Yes, Apple had a bug. All software has bugs. They clearly intended for a different outcome and surely never expected Google to actively attack it.

      Of the two, Apple made a mistake but acted with good intentions (at least on the surface, but there's no point going full tinfoil because then there's no point having a conversation about it). Google acted maliciously, and if someone's going to be held accountable for this then it should be them.

      In bef

  • Expect successful lawsuits in Canada, where Privacy is a Constitutional Right, and eventually in the US by EU/UK and Canadian citizens protected against such actions by the EU/US and US/Canada Data Treaties.

    (note: if you don't like that they have more rights in the US than you do, don't sign treaties giving them such rights next time)

  • In Australia government will be suing corporation for not spying on their users. (metadata retention laws)

I had the rare misfortune of being one of the first people to try and implement a PL/1 compiler. -- T. Cheatham

Working...