Google defensive after fresh privacy breach

Google has been scrambling to give internet users more power to block advertisers from tracking their online behaviour, as it seeks to limit the damage from the latest privacy scandal to dent its corporate image.

As part of the effort, it will adhere to “do not track” requests from individuals when serving up adverts from its own DoubleClick network, said a person familiar with the plans, a move that would make it the first big online advertising company to limit itself voluntarily in this way.

Google’s race to regain the high ground came after its latest admission to a devastating privacy glitch.

The slip-up was uncovered by a researcher at Stanford University, who discovered that the company had secretly overridden a block in Apple’s Safari browser that was meant to bar illicit tracking by advertisers.

Google had circumvented the default setting in Safari that is meant to prevent advertisers from planting “cookies” in the browser, according to Jonathan Mayer, a graduate student at the university. Cookies are short pieces of code that gather information about the websites users visit and report the information back to the companies that planted them.

The search company quickly admitted to the unapproved data collection, but described its action as inadvertent and the byproduct of an effort to let Safari users connect to services like its Google+ social network while browsing other pages on the web.

“We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers,” Google said.

The claim that it had collected information by mistake echoed its defence two years ago after cars used to photograph streets for its Street View service were found to have collected information from personal WiFi networks. That led to investigations by privacy agencies around the world.

“After the WiFi issue, they said they put a whole process in to prevent this happening again,” said Justin Brookman, director of consumer privacy at the Center for Democracy and Technology in Washington. That made the repeat failure “astounding”, particularly since Google had also made commitments about improving its performance as part of a recent privacy settlement with US regulators, he added.

European and US regulators have put pressure on internet companies to come up with “do not track” tools that let users block cookies. Google’s Chrome browser remains the only one that does not give individuals the ability to request that their behaviour is not tracked. However, the big advertising networks do not currently respond to such requests, making the technology moot.

Google is now racing to include the “do not track” technology in its Chrome browser, but will go further than other companies by abiding by the requests in its ad network, said the person familiar with its plans.

That would mark a “fantastic” breakthrough in the push to give individuals control over online targeting, said Mr Brookman, though he added that the effectiveness of the move would depend on Google’s detailed implementation of the technology.

In one indication of the potential fallout from its latest slip-up, a new European regulation came into effect last year that makes it illegal for internet companies to store information on users’ computers without their knowledge. However, this has so far been implemented in only 11 European countries.

Copyright The Financial Times Limited 2017. All rights reserved. You may share using our article tools. Please don't cut articles from and redistribute by email or post to the web.