The Wall Street Journal reported that Google engineers had developed — and then rolled out — a ‘workaround’ to defeat MY privacy setting in Safari (oh yeah, I take it personally) where I had overtly intended to block third party cookies, viz:
A clear intention to block third parties like advertisers from setting cookies in my browser to track my history. Google found a way to defeat that and used it. Scummy. (Safari OSX)
Here’s what WSJ’s Julia Angwin and Jennifer Valentino-DeVries reported:
Google’s iPhone Tracking
Web Giant, Others Bypassed Apple Browser Settings for Guarding Privacy
By JULIA ANGWIN And JENNIFER VALENTINO-DEVRIES
Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.
The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.
Google disabled its code after being contacted by The Wall Street Journal.
That “Google disabled its code …” is followed by this damning comment …
In Google’s case, the findings appeared to contradict some of Google’s own instructions to Safari users on how to avoid tracking. Until recently, one Google site told Safari users they could rely on Safari’s privacy settings to prevent tracking by Google. Google removed that language from the site Tuesday night.
This is, of course, being discussed all over the interwebs, with Google saying it’s been misunderstood. Henry Blodget, ran a bit of defence for the many-tentacled beast search/advertising giant in GOOGLE: The Wall Street Journal Is Full Of Crap—Here’s What That Apple Safari ‘Tracking’ Was Really About but even he, in laying out the ‘facts’, says:
But it’s also no surprise that people are once again stunned by Google’s behavior here. And Google’s statement will not set everyone at ease.
The facts are that:
- Google secretly developed a way to circumvent default privacy settings established by a hated competitor, Apple
- Google enabled this workaround to further its own advertising (revenue) and social-networking goals.
- Google then used the workaround to drop ad-tracking cookies on the Safari users, which is exactly the sort of practice that Apple was trying to prevent
Given the scrutiny around Google’s power and privacy practices, Google’s decision to do this can charitably be described as tone-deaf. More accurately, it can be described as idiotic. But, as usual, there’s a backstory.
What the hell is Google thinking to design a system to 'workaround' (trick) my specific privacy settings to limit cookies? (Safari iOS settings)
I think it’s scummy of Google. Scummy. Even the very reasonable John Battelle seems to agree, provisionally:
In this case, what Google and others have done sure sounds wrong – if you’ve going to resort to tricking a browser into offering up information designated by default as private, you need to somehow message the user and explain what’s going on. Then again, in the open web, you don’t have to – most browsers let you set cookies by default. In iOS within Safari, perhaps such messaging is technically impossible, I don’t know. But these shenanigans are predictable, given the dynamic of the current food fight between Google, Apple, Facebook, and others. It’s one more example of the sad state of the Internet given the war between the Internet Big Five. And it’s only going to get worse, before, I hope, it gets better again.
Flash — another dodgy business model IMO
John Battelle also mentions Flash — which, truth be told, I was very dubious about when I heard there was such a thing as ‘Flash cookies‘. I downloaded Flush app for OSX to get rid of them periodically *— before following John Gruber’s lead and removing the Flash plug-ins from my computer … relying on the Flash player embedded in Google Chrome (ha! the irony), which quits when I quit Chrome, unlike system-wide Flash, as I understand it.
This move from Google, following their streetview camera cars snooping on private wifi networks and in the context of their soon-to-be-unified ‘privacy policies’ makes me doubt them even more.
I think Google’s intentions are suspect, and I’m moving to a ‘guilty until proven innocent‘ attitude to them. The same view I have of Facebook, incidentally.
GOOG Safari tracking is same “co. doing something it shouldn’t, but w/o nefarious purpose” storyline appearing again & again in tech space.
Yeah, it’s a pattern.
For me, it’s time to disentangle myself from Google, if possible. They’re doing ‘evil’, in my eyes.
– P
* I just ran Flush and it cleaned out 83 flash cookies. What the hell?
Update: And yeah (hell yeah) I’ve purged the 3790 cookies stored on Safari.
I feel the likes of Facebook, Google and don’t believe Apple have not been guilty of similar acts in the past. But its ok Peter just ignore those. I think they decide to take the punt and if in fact they are forced to change their policy/decisions or are penalised the net result always ends up as a win and suits them.
Also they claim that to provide the services and tools users want we need to enforce these Privacy relaxants to provide these solutions.
And unlike myself and I think Peter who would prefer the opt in facility, unfortunately we are the minority. Most people don’t care that their on-lines privacy/freedom is slowly being removed
Yes I agree, the ‘concern’ about privacy is a generational thing in many cases. But the issues are real (well, I would say that, wouldn’t I?)
Apple is, I am sure, not squeaky clean, and there’s an argument making the rounds that the ‘block third party cookies’ default in Safari is a poisoned dart aimed at Google … my own view of that is I DO want a way to stop cookies embedded in webpages (and images for god’s sake) from trailing me around the web. Damn them.
Google is, no question about it, selling us as data and the logged in vs not logged in distinction is fading.
The WSJ article, overcooked as it may be, shows that opting out of Google services, and giving my browser specific instructions to block cookies from sites I don’t visit, isn’t enough to keep my data and browsing history safe their rapacious tentacles.
It should be,
– P
[…] we believe anything Google says?Posted in February 21, 2012Peter AranyiNo Comments »Apropos Another Google privacy FAIL (grrr) wherein we discussed Google defeating Safari’s privacy settings to plant ‘third party […]
[…] « Negative campaigningDefault search engines, privacy … and trying alternatives to GooglePosted in 19 June 2012Peter AranyiNo Comments »Image: blurbhack.com (click)As I’ve indicated, I’ve been steadily making my web browsing footprint lighter and checking out alternatives to Google search — which, as well as trailing us all, spectacularly broke trust with users by circumnavigating (read: disobeying) explicit instructions in preferences to ‘block third party cookies’ by ‘unfair and deceptive‘ means (see Another Google privacy FAIL (grrr). […]
And we’re nearing a denouement …
http://thenextweb.com/google/2012/07/10/ftc-set-to-hand-google-record-22-5m-fine-over-safari-privacy-breach/
“Don’t be evil.” Right.
[…] cookies from third parties’ web browser preference (a scandal, anyway you look at it. See: Another Google privacy FAIL (grrr)) and one has to say the industry seems […]