Categories: Google

Google to Pay $391M Fine for Android User Location Tracking Practices

To settle a privacy lawsuit brought by a group of attorneys general from 40 different U.S. states, Google has agreed to pay $391.5 million.

Reports say U.S. Michigan will earn close to $12 million from the settlement, which is the biggest multistate Attorney General Privacy settlement in American history.

Michigan Attorney General Dana Nessel said, “Google makes the majority of its revenue from using the personal data of those who search in its browsers and use its app.”

“The company’s online reach enables it to target consumers without the consumer’s knowledge or permission. However, the transparency requirements of this settlement will ensure that Google not only makes users aware of how their location data is being used but also how to change their account settings if they wish to disable location-related account settings, delete the data collected, and set data retention limits”.

A crucial component of Google’s digital advertising business is location data. Google creates thorough user profiles and targets ads on behalf of its advertising clients using the personal and behavioral data it collects. 

One of the most delicate and important pieces of personal information that Google gathers is location data. Even a small bit of location information can be used to infer personal information and reveal a person’s identity and routines.

Location History and Web & App Activity

According to a 2018 Associated Press article that claimed Google “tracks your movements even when you explicitly tell it not to,” the attorneys general launched their investigation into Google.

Particularly, the report says ‘Location History’ and ‘Web & App Activity’ were the two Google account options that were highlighted in the article. While Web & App Activity, a different account setting, is automatic “on” when users set up a Google account, including all Android phone users, Location History is “off” unless a user turns it on.

Settlement’s Specifics

The attorneys general found that Google violated state consumer protection laws by misleading consumers about its location-tracking practices since at least 2014.

In particular, Google made users uncertain about the Location History setting, the existence of the Web & App Activity setting, which also collected location data, and the extent to which users of Google’s services could limit location tracking by modifying their account and device settings.

In accordance with the settlement, Google must disclose more of its business operations to customers. Google should:

  • Show additional information to users whenever they turn a location-related account setting “on” or “off”;
  • Make key information about location tracking unavoidable for users (i.e., not hidden); and
  • Give users detailed information about the types of location data Google collects and how it’s used at an enhanced “Location Technologies” webpage.

Hence, the settlement also places restrictions on Google’s usage and storage of specific categories of location data and mandates that Google account controls be easier to use.

Reports state that the National Commission on Informatics and Liberty (CNIL) of France also penalized Google $170 million in January 2022 for violating internet users’ rights to free consent by making it challenging to decline website monitoring cookies and hiding the option behind several clicks.

The Australian Competition and Consumer Commission (ACCC) stated in August that it had fined Google $60 million for deceiving Australian Android customers and gathering their location data for nearly two years.

Managed DDoS Attack Protection for Applications – Download Free Guide

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…

1 day ago

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…

3 days ago

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…

3 days ago

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…

3 days ago

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…

4 days ago

Notorious WrnRAT Delivered Mimic As Gambling Games

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…

4 days ago