Third Circuit Dings Google for Sneaky Cookies

     PHILADELPHIA (CN) – The Third Circuit ruled that Google may have violated California privacy law by tricking users’ computers into allowing blocked code to be installed by Google ad software.
     Eleven months after hearing oral arguments, the Third Circuit on Tuesday remanded the case to Delaware Federal Court, which had dismissed all claims against Google in the 5-year-old class action.
     While the Third Circuit affirmed most of the lower court ruling, including that the software does not violate the federal Wiretap Act, Judge Julio Fuentes wrote for the majority that Google might not withstand scrutiny under California law.
     “What is notable about this case is how Google accomplished its tracking,” Fuentes wrote. “Allegedly, this was by overriding the plaintiffs’ cookie blockers, while concurrently announcing in its Privacy Policy that Internet users could ‘reset your browser to refuse all cookies.’ Google further assured Safari users specifically that their cookie blockers meant that using Google’s in-house prophylactic would be extraneous. Characterized by deceit and disregard, the alleged conduct raises different issues than tracking or disclosure alone.”
     Google already has paid $39.5 million in settlements to the Department of Justice and state governments.
     A Stanford graduate student revealed in 2012 that Google hoodwinked computer browsers into allowing exceptions for installing cookies, small pieces of text that track users’ location.
     Specifically, Apple’s Internet browser Safari allowed users to opt out of cookie installation unless a certain form was filed by the computer.
     Websites with Google’s ubiquitous ad software automatically filed the Safari form, triggering the exception and allowing cookies to be installed.
     In affirming the district court’s dismissal of Wiretap Act claims, the Third Circuit held that while Google did not constitute an illegal third party, the URL being tracked by the cookie could itself constitute content, at the least fulfilling partial criteria for the law’s violation.
     The court also sided with the district court decision that Google did not violate any other state laws of the federal Computer Fraud and Abuse Act.
     But it vacated the dismissal of “freestanding privacy claims against Google under the California Constitution and California tort law.”
     Judge Julio Fuentes wrote the unanimous opinion for the panel, which included Judges D. Michael Fisher and Cheryl Ann Krause.

%d bloggers like this: