Apple's Breached Safari Users: Google Didn't Mean To, But Is It Right?

The U.S. Federal Trade Commission has just levied its largest fine ever against a company - $22.5 million against the search giant Google for planting unauthorized cookies in Apple's Safari browser. Google retorted by saying that it was an accidental and that the settlement focuses on outdated tactics.

Apple's Safari browser, when set to default, automatically blocks all third-party cookies. The problem lies in a loophole that Google took advantage of.

But if you're a Safari user, hold your horses before you scramble to change your digital fingerprints. Google stated that no personal information was collected such as names or credit cards. Instead, Google was intent in providing signed-in Google users to experience features they had enabled, such as the ability to "+1" in their Safari browsers.

Jonathan Mayer from Stanford first spotted Google's hidden cookie back in February 2012 and revealed it in his blog.

Google issued this statement shortly after:

"We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."

Cookies are little bits of text that browsers can collect that is essentially a record of a user's browsing history. This kind of knowledge helps online advertisers target their audiences better.

In an email statement after the recent FTC fine, Google said, "We set the highest standards of privacy and security for our users. The FTC is focused on a 2009 help center page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple's browsers."

So Google simply wanted to allow its users the best of its world even in another browser. Sounds noble, doesn't it?

A term Mayer uses in his analysis blog post is "circumvention." Essentially, Google exploited a loophole to plant this functionality in Safari browsers.

Mayer goes on to state that he only found four advertising companies that exploited the loophole in the Safari browser. It's not common business practice, he says, and even online advertisers shy away from using such tactics.

Google's only intention may have been to give its followers the most robust experience everywhere. But the road to hell is paved with good intentions, and exploiting loopholes for a noble cause, is still exploitation.