Google Sued over 'Deceptive' Location Tracking

Uploaded on 2022-02-02 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

Google is being sued in the US over accusations it deceived people about how to control location tracking. 

Four Attorneys General (AG) from the District of Columbia and the states of Indiana, Texas, and Washington have filed separate lawsuits against Google for allegedly misleading its users into believing that they are no longer tracking their location when they deliberately pause the “Location History” setting on mobile devices.

All four AG’s allege that users are still being tracked by Google without them knowing unless they also turn off the location settings

“Since at least 2014, Google has deceived consumers regarding how their location is tracked and used by the Company and consumers’ ability to protect their privacy by stopping this tracking.... Google leads consumers to believe that consumers are in control of whether Google collects and retains information about their location and how that information is used. In reality, consumers who use Google products cannot prevent Google from collecting, storing, and profiting from their location.” says the Report from the Superior Court of the District of Columbia.

Google is accused  of using so-called Dark Patterns, marketing techniques that deliberately confuse users and a study carried out by researchers at Princeton University found up to two billion Android and Apple devices could be affected. 

The court filing claims thar for Google user to turn off Location History when using Google Maps or Search was insufficient, since a as a separate setting, Web and App Activity continued to log location and other personal data. In response, Google says these claims are inaccurate and outdated and describes Web & App Activity as a way to personalise experiences for users by saving searches and activity in a user’s account. 

"Google has relied on, and continues to rely on, deceptive and unfair practices that make it difficult for users to decline location tracking or to evaluate the data collection and processing to which they are purportedly consenting," the legal action alleges.

Google told reporters the case was based "on inaccurate claims and outdated assertions about our settings".
A representative added: "We have always built privacy features into our products and provided robust controls for location data.... We will vigorously defend ourselves and set the record straight."

The legal action claims Google's policies contained other "misleading, ambiguous and incomplete descriptions... but guarantee that consumers will not understand when their location is collected and retained by Google or for what purposes". It refers to dark patterns, design choices that alter users' decision-making for the designer's benefit - such as, complicated navigation menus, visual misdirection, confusing wording and repeated nudging towards a particular outcome.

Data regulators are increasingly focusing on these practices and Google faces a raft of other legal actions in the US, including:

  • In May 2020, Arizona filed a legal action over the same issue.
  • In December 2020, multiple US states sued over the price and process of advertising auctions.
  • In October 2020, the US Justice Department alleged Google had a monopoly over search and search advertising.

In a separate lawsuit, the US justice department in October 2020 alleged the tech company abused its position to maintain an illegal monopoly over search and search advertising. “Two decades ago, Google became the darling of Silicon Valley as a scrappy startup with an innovative way to search the emerging Internet. That Google is long gone,” says the Justice Department.

US Dept. of Justice:      Office of the Attorney General:        BBC:     Silicon:     MarwareBytes:      Guardian:    

You Might Also Read: 

Russia Fines Google For Illegal Content Breach:

 

« Winner: NSA Best Cyber Security Research Paper
Cyber Criminals Frustrated By Russian Crypto Currency Rules »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

Wavestone

Wavestone

Wavestone is a strategy and technology consulting company with areas of expertise including digital transformation and cybersecurity.

CERT.LV

CERT.LV

CERT.LV is the national Computer Emergency Response Team for Latvia.

Metrarc

Metrarc

Metrarc has developed a ground-breaking technology called ICMetrics™ for deriving secure encryption keys from the properties of digital systems without the need to store any of the encryption keys.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

Eskive

Eskive

Eskive is a Brazilian cyber security awareness and education platform that empowers users and strengthens their company in the face of cyber threats.

Tetra Tech

Tetra Tech

Tetra Tech is a cybersecurity leader with extensive experience in supporting enterprise-wide programs and systems across multiple business lines from industrial control systems to health IT.

CyberRisk Alliance (CRA)

CyberRisk Alliance (CRA)

CyberRisk Alliance is a business intelligence company created to serve the rapidly evolving cybersecurity and information risk management marketplace.

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG)

ISRG's mission is to reduce financial, technological, and educational barriers to secure communication over the Internet.

Persona

Persona

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Sure Valley Ventures

Sure Valley Ventures

Sure Valley Ventures is an entrepreneur led venture capital fund focused on helping software entrepreneurs grow and scale businesses that will have a global impact.

Lasso Security

Lasso Security

Lasso Security is a pioneer cybersecurity company ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.

Cyber Castellum

Cyber Castellum

Cyber Castellum is a cybersecurity consulting firm that specializes in the identification of security vulnerabilities in an organization’s technology landscape.