FTC Reportedly Fining Google $22.5 Million Over Safari Privacy Abuse

← Back to Stories (view on slashdot.org)

FTC Reportedly Fining Google $22.5 Million Over Safari Privacy Abuse

Posted by Unknown on Wednesday July 11, 2012 @02:55AM from the 'tis-but-a-flesh-wound dept.

New submitter Slashbots writes "Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. It would be the largest settlement with the FTC over privacy-related charges ever. By abusing a privacy hole in Safari, Google circumvented user settings to show them advertising and track the user. 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole, Google had been able to avoid the block, as researchers discovered in February. It installed cookies and tracked Safari users across the Web to show them personalized ads.'"

175 comments

Min score:

Reason:

Sort:

Jail Time? by war4peace · 2012-07-11 02:58 · Score: 5, Insightful

This thing of "We do something illegal, you fine us, everyone's happy" must stop. Somebody must serve some nice jail time (not much, say 6-12 months) and then maybe such fucked up practices would diminish.
This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.

--
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
1. Re:Jail Time? by Iceykitsune · 2012-07-11 03:00 · Score: 1
  
  How do you imprison a corporation?
  
  --
  GENERATION 24: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper
2. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:02 · Score: 0
  
  Ask the judicial system they ruled corporations are people.
3. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:03 · Score: 0
  
  Put the C*O names on different regions of a dartboard. The first three darts to hit the board result in a 5 year prison sentence.
  More usefully, find who implemented it. Give them the standard mob options: 15 years, or 5 if you can prove you were just a grunt. Continue the chain until someone's getting 15 years.
4. Re:Jail Time? by Chrisq · 2012-07-11 03:05 · Score: 1
  
  How do you imprison a corporation?
  Seriously, a better punishment would be community service. If Google had to teach a certain number of man-years in IT lessons in public schools it would be a deterrent to Google and a benefit to education.
5. Re:Jail Time? by aristotle-dude · 2012-07-11 03:06 · Score: 3, Insightful
  
  How do you imprison a corporation?
  The "buck" is supposed to stop with the CEO of the company so you imprison/fine the CEO and/or the C-level exec who signed off on the project personally.
  Some exec should be seeing either a personal fine, jail time or both.
  
  --
  Jesus was a compassionate social conservative who called individuals to sin no more.
6. Re:Jail Time? by Buccaneer+Waggerstrm · 2012-07-11 03:09 · Score: 2
  
  You freeze Google's assets and jail anyone involved. Problem solved.
7. Re:Jail Time? by Daniel+Dvorkin · 2012-07-11 03:09 · Score: 2
  
  How do you imprison a corporation?
  "Corporations are people, my friend." Except when they're not. Convenient how that works.
  
  --
  The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
8. Re:Jail Time? by GodfatherofSoul · 2012-07-11 03:13 · Score: 1
  
  WTF was that you?!?
  
  --
  I swear to God...I swear to God! That is NOT how you treat your human!
9. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:17 · Score: 0
  
  Someone made the decision. A real live person. They need to be named. When corporations are doing something wrong, there will always be a person that makes the final call. They are the ones that need to face jail time. It'll only take one case to make all the bastards hiding behind corporate names stop and think before they continue down a dodgy path.
  It's called piercing the corporate veil, it's used when finance is involved, and can trivially be done in cases like this.
10. Re:Jail Time? by gstoddart · 2012-07-11 03:20 · Score: 1
  
  How does a corporation have free speech rights?
  
  --
  Lost at C:>. Found at C.
11. Re:Jail Time? by ackthpt · 2012-07-11 03:21 · Score: 3, Interesting
  
  This thing of "We do something illegal, you fine us, everyone's happy" must stop. Somebody must serve some nice jail time (not much, say 6-12 months) and then maybe such fucked up practices would diminish.
  This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.
  Geez, you and your rational views. Don't you know the corporate veil protects all within? I mean, just because Corporations are People .. seriously, they're about as accountable for their crimes as an indigent doing to your house, what you describe. You're hosed, you won't get anywhere prosecuting them. The bank crisis made this painfully clear - so many little crimes done by committee, what can you do, put the committee in jail? Fines are about the only way to punish and usually only punishes those left behind, because the people who committed the actions are now off somewhere with their big bonuses.
  I like the way they fine you in Germany .. it's based upon your ability to pay. It makes you really feel the pain. A rich guy gets drunk and drives across your lawn, he can be fined hundreds of thousands, because it's based upon his income or wealth, not some set, piddly amount. So we implement such a system and then pull back in the people who made these decisions and make them pay .. prevents making a mess and escaping, while others are left to clean up after you. Also encourages leaving your former place of business in good order, going concern looked after sorta thing.
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
12. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:22 · Score: 0
  
  You have a weird idea of "illegal". The FTC is just insane and out of bounds.
13. Re:Jail Time? by vlm · 2012-07-11 03:22 · Score: 2
  
  If Google had to teach a certain number of man-years in IT lessons in public schools it would be a deterrent to Google and a benefit to education.
  OK, your punishment makes sense for the Mighty GOOG, but what if you wanted to punish Microsoft? Having them "teach" kids is just going to screw the kids up even worse. Also "real programmers" don't have degrees, but public schools require not just bachelors but masters legally to teach.
  Now what would work, is using existing community service programs. The corp has to provide 200000 paid hours of recyclables sorting, soup kitchen labor, park and roadside cleanup labor, etc. Emphasis on paid hours. Most corps such as mine already demand workers put in completely unpaid "volunteer" hours as part of our jobs, part of our official job evaluations.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
14. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:22 · Score: 0
  
  And that punishes people who had nothing to do with. Again, ask the judicial system.
15. Re:Jail Time? by MachDelta · 2012-07-11 03:25 · Score: 1
  
  More usefully, find who implemented it. Give them the standard mob options: 15 years, or 5 if you can prove you were just a grunt. Continue the chain until someone's getting 15 years.
  Guilty until proven innocent on the grunt's part, eh? I suspect we would see a lot of grunts with tire tracks on their backsides.
  Meanwhile, the "We're responsible for the company until we're not responsible for the company" CxO's would still swim in champagne, ski in cocaine and float about on the breeze in their golden parachutes.
16. Re:Jail Time? by epine · 2012-07-11 03:25 · Score: 1
  
  This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.
  That why credit rating agencies were granted an exemption from prosecution for liability and slander, even if their files contain shit information, and they spread it around to anyone who asks, even after they've being pointedly informed that the information is false.
  You underestimate the power of a black eye well deserved, which is almost so great as s/Tuttle/Buttle.
17. Re:Jail Time? by SuricouRaven · 2012-07-11 03:26 · Score: 1
  
  The Pointy-Haired Boss explained the problem with this: "Credit travels upwards, blame travels downwards. That's just the way it works."
18. Re:Jail Time? by MickyTheIdiot · 2012-07-11 03:31 · Score: 2
  
  If the CEO is important enough to get millions of dollars, then he is important enough to jail, though I would say it would be reserved for more grevious crimes.
  Rick Scott, the idiot governor of Flordia, made himself rich off what was then the biggest medicare scam in history. He is a great example of someone who should of gotten personal jail time.
19. Re:Jail Time? by vlm · 2012-07-11 03:31 · Score: 1
  
  How do you imprison a corporation?
  Has anyone ever tried (cost of imprisonment per year) * (number of officers, or number of employees).
  Supposedly it costs $70K per prisoner per year (hmm, I bet it depends where and what security level) so 22.5 million is 321 person-years of prison. That seems a little excessive since you can kill someone and only get a decade or so... I'm not sure the GOOGs action is quite up to the mass murderer level.
  It would make a hell of a lot more sense to give corporations probation, and charge them an amount of money which goes directly to the budget of the applicable regulatory agency... so $22.5 M extra dollars devoted to "double secret probation" watching the Mighty GOOG even closer.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
20. Re:Jail Time? by MickyTheIdiot · 2012-07-11 03:35 · Score: 1
  
  Every time the corporate anarchists have to come out to play.
21. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:38 · Score: 0
  
  How do you imprison a corporation?
  Force them to move and operate from a failed country with corrupt officials, preferably under economic sanctions, without any chance to withdraw their assets from it. Bribing officials will work only as long as officials don't realize that corporations sentenced to serve under them are totally their bitches.
22. Re:Jail Time? by bill_mcgonigle · 2012-07-11 03:40 · Score: 1
  
  How do you imprison a corporation?
  you suspend their license to operate for a period of time.
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
23. Re:Jail Time? by Charliemopps · 2012-07-11 03:44 · Score: 2
  
  well, you're off base. It's hard to jail a company. The problem here isn't the penalty being a fine... the problem is fining a company that's worth $185 Billion, $22 million. That'd be like fining your average person $5 to $10. It's not even a slap on the wrist. The fine should be a percentage of the businesses market cap plus all gross revenue generated by the offending activity. Fines in the neighborhood of a Billion dollars would have a more dramatic affect on operations I'd think.
24. Re:Jail Time? by the+eric+conspiracy · 2012-07-11 03:46 · Score: 2
  
  > Don't you know the corporate veil protects all within?
  Actually it doesn't.
  http://en.wikipedia.org/wiki/Piercing_the_corporate_veil#United_States
25. Re:Jail Time? by vlm · 2012-07-11 03:47 · Score: 2
  
  How do you imprison a corporation?
  There's X active employees around the time of the crime and that crime earns a Y month prison term if a mere citizen did it instead of a corp. There are practical issues with sending individuals to prison, but GOOG could hire/outsource A number of unemployed and/or homeless people to attend prison in their employees place for B months where X*Y = A*B and the monthly "wage" of attending prison as an honorary GOOG employee floats as a free market but never declines below 40 hours a week at minimum wage. "Inmate employees" legally required to get the same benefits as non inmate employees. Its crazy, but not too crazy.
  I would imagine, since you're only being paid while you attend prison, security at corporate prison would be pretty light and cheap other than keeping the scum from killing each other. Build next to a hospital because plenty of uninsured will be signing up to be goog employees, build next to a college (and GED high school) since many inmates would like to learn while incarcerated and they've got a guaranteed income, build next to a gym because many inmates are fat, build next to a detox center because many volunteer inmates will be there because of addiction, build next to a mental hospital because many homeless are completely nuts...
  There is a political desire, by some anyway, to drug test welfare recipients. Well, as GOOG employees, voluntary inmates would have to pass a drug screen like any other employee, I suppose. Some employers don't drug screen. Whatever. I donno about prison life, but don't they drug test "inside"?
  This also works around the hire and fire issues, where if the Mighty GOOG hired me next week, there seems no point in imprisoning me if I had nothing to do with it.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
26. Re:Jail Time? by MickyTheIdiot · 2012-07-11 03:47 · Score: 1
  
  Oh, and as usual, we are forgetting that a Corporation is a creation of the state; if the state is so inclined it can take away its charter and make it illegal to do business in this country. Sure they just morph and reincorporate, but that brand name would be lost forever.
27. Re:Jail Time? by Anonymous Coward · 2012-07-11 03:59 · Score: 0
  
  You're deeply naive if this fine reflects anything but Google's relative lack of aggressive lobbying.
  Microsoft was in the same boat a decade ago, until they figured out they can bribe congress and hire lobbyists to make their govt problems go away.
  This, and the "wifi gate" issue are basically non-issues that have been blown out of proportion by legislators propped up by Google's competitors.
  22.5 million for hacking around a browser's half baked broken implantation of what is effectively an "evil bit?" ? You have to be fucking kidding me.
  For that matter, Googles response to this whole issue has been pretty graceful. They don't have their CEO posting whiny screeds about having their innovation stomped on. They just shrug, disagree, and pay the fine to let the issue go away.
28. Re:Jail Time? by Anonymous Coward · 2012-07-11 04:00 · Score: 0
  
  You need to hit the shareholders. Once the fines get so large they impact profits, the shareholders will push management to behave.
  Locking up the executives would be a beautiful thing as well.
  Since that won't happen anytime soon, don't use products or services by companies that do these kinds of things.
29. Re:Jail Time? by Savage-Rabbit · 2012-07-11 04:09 · Score: 1
  
  And that punishes people who had nothing to do with. Again, ask the judicial system.
  Screw jail time. All that accomplishes is that a few scapegoats go to jail while the rest of the cabal which inevitably escapes prosecution goes and buys new yachts to celebrate getting away with breaking the law. Do what was done here, fine them, except make the fine much bigger. Google shrugs off a $22 million fine, but I $2 billion would get their attention. The only time a corporation feels pain is when it looses money.
  
  --
  Only to idiots, are orders laws.
  -- Henning von Tresckow
30. Re:Jail Time? by future+assassin · 2012-07-11 04:11 · Score: 1
  
  You jail the person who came up with the idea. Just because you hide behind a corporation doesn't mean you are not liable if you do something that is against the law.
  
  --
  by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
31. Re:Jail Time? by war4peace · 2012-07-11 04:18 · Score: 1
  
  How about both? CEO in jail (or at least one of the few directly reporting to him) AND a hefty fine, which is a % of yearly profit, starting from 10% and increasing by a fixed amount every time they are found guilty of something.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
32. Re:Jail Time? by geminidomino · 2012-07-11 04:18 · Score: 3, Interesting
  
  Supposedly it costs $70K per prisoner per year (hmm, I bet it depends where and what security level) so 22.5 million is 321 person-years of prison. That seems a little excessive since you can kill someone and only get a decade or so...
  
  Not excessive at all when you consider that no one actually has to do the time, live with the felony conviction, etc...
  A better comparison might be:
  Google 2011 Revenues (Income): 37,905,000,000
  Fine: 22,500,000
  Fine as % of Income: 0.06%
  Compare to a "comfortable" person making $100K
  Gross Income: 100,000
  Fine @ 0.06%: $60
  Yeah, somehow I don't think that's much of a disincentive there...
33. Re:Jail Time? by war4peace · 2012-07-11 04:22 · Score: 1
  
  Heh, was my evil twin, I swear! I'm innocent!
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
34. Re:Jail Time? by war4peace · 2012-07-11 04:24 · Score: 1
  
  I agree to that view as well. But sometimes, prison time hurts more than even huge fines, because the person at the top is nowhere near used to that, nor do they expect anything like that to happen to them.
  The prison time shock would likely be so great that top executives would turn to become completely honest for the rest of their lives. And even if not, it's worth giving it a try.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
35. Re:Jail Time? by tripleevenfall · 2012-07-11 04:32 · Score: 1
  
  You can't just make up a number for a fine.
36. Re:Jail Time? by serviscope_minor · 2012-07-11 04:33 · Score: 1
  
  Also "real programmers" don't have degrees,
  Neither do true scotsmen.
  
  --
  SJW n. One who posts facts.
37. Re:Jail Time? by aztektum · 2012-07-11 04:37 · Score: 1
  
  Not all like you suggest. In the case of someone breaking into your house and smearing shit all over, you have cost of clean up, replacement of items that were damaged beyond repair, etc.
  What monetary cost did Safari users incur by Google's actions?
  I don't disagree it was a shitty practice, but your analogy is flawed.
  
  --
  :: aztek ::
  No sig for you!!
38. Re:Jail Time? by Tough+Love · 2012-07-11 04:38 · Score: 1
  
  Make all the Googlers work out of Apple HQ for a week.
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
39. Re:Jail Time? by postbigbang · 2012-07-11 04:46 · Score: 1
  
  It was pocket change. This afternoon, they'll continue on their merry way, have lunch, fly in the corporate jets to some important location, and it will become history. No scar tissue.
  It's the cost of doing business. Privacy? Google? It is their business model to invade your privacy, and sell you out like stool pigeon. Yet people pontificate them as a balance between Microsoft and Apple. Doesn't say much for the industry today, does it?
  
  --
  ---- Teach Peace. It's Cheaper Than War.
40. Re:Jail Time? by Anonymous Coward · 2012-07-11 04:48 · Score: 0
  
  This thing of "We do something illegal, you fine us, everyone's happy" must stop. Somebody must serve some nice jail time (not much, say 6-12 months) and then maybe such fucked up practices would diminish.
  This is like me breaking into someone's house, pissing and shitting all over the place, then paying a 5 dollar fine for doing so. Would that stop me in the future? Hell no.
  Screw jail time. That costs the taxpayers too much. Levy meaningful fines. $22.5M is chicken feed to Google. Fine it a billion dollars and you'll see some hurt.
41. Re:Jail Time? by Monoman · 2012-07-11 04:54 · Score: 1
  
  People and corporations ned to be accountable. No more hiding behind a corporate identity. The fact is corporations are made up of people. People making decisions and people taking actions. The people that made the decision to break the law as well as those that did the law breaking should do jail time. The corporation should also be significantly punished (most likely monetary).
  
  --
  Keep the Classic Slashdot.
42. Re:Jail Time? by shentino · 2012-07-11 04:57 · Score: 1
  
  Thing is I think they only did it for people who already had a google account, and there's a very plain opt out mechanism.
43. Re:Jail Time? by sortadan · 2012-07-11 04:57 · Score: 1
  
  How about actually punishing them for what they did. Everyone on this thread is going nuts trying to say that because on one browser they worked around a privacy setting (bad I know), they should all go to jail, especially the people that had nothing to do with it, and a large percent of their total revenue should be given over to a newly formed government agency dedicated to poking Google employees with sharp things.
  
  How about the targeted ads that they showed affected users amounted to 2.25M revenue (probably a lot less, but whatever), and the fine is 10x that. That seems like a good disincentive.
  
  [Flamebait]On balance Google is way better than the patent trolling Apple which is blocking the Nexus because of a BS universal search patent, how about Apple has to pay all the Google users who don't get this obvious feature a large percentage of their total revenue and we poke them with some sharp stuff?[/Flamebait]
44. Re:Jail Time? by TheGratefulNet · 2012-07-11 05:02 · Score: 1
  
  "we want the MONEY, lebowski!"
  yeah, carpet pissers won't be deterred by fines.
  
  --
  
  --
  "It is now safe to switch off your computer."
45. Re:Jail Time? by moeinvt · 2012-07-11 05:04 · Score: 1
  
  The fact that companies like Barclays, Goldman Sachs, et al. have been fined millions when their criminal activity nets them BILLIONS makes it difficult for me to think jail time is appropriate for the Google employees in this case.
  Is it up to the company serving web advertisements to respect the "intended" functionality of the browser as opposed to the "actual" functionality?
  Hopefully you would refrain from shitting all over people's houses for free.
46. Re:Jail Time? by geminidomino · 2012-07-11 05:07 · Score: 1
  
  I wasn't pushing for "jail time" for anyone, involved or otherwise. I do think that, regardless of the revenue that the scam brought in, that less than 1 day's revenue is far too low. It's a disincentive to try this trick again, but not against dirty tricks in general.
47. Re:Jail Time? by Blrfl · 2012-07-11 05:09 · Score: 1
  
  Really, it just puts the onus on employees to carefully vet the companies that make them offers. It's no different than going to work for a company with a shaky business model that collapses a year later. If you go to work for a company with a record of having been shut down for doing illegal things, you run the risk of them being recidivist.
48. Re:Jail Time? by TheGratefulNet · 2012-07-11 05:11 · Score: 1
  
  shut them down, totally and entirely, for a period of time.
  that will hurt more than anything. it gets right at what ceo's fear the worst: LOSS OF POWER, even if temporary.
  some public shaming might also help. make them sing "I'm a little teapot!" on tv and have them be charged the airtime for it, too! (#include 'not_sure_if_serious.jpg')
  
  --
  
  --
  "It is now safe to switch off your computer."
49. Re:Jail Time? by sortadan · 2012-07-11 05:16 · Score: 1
  
  Didn't mean to say that you were calling for that, just a lot of the previous posts on this thread. Reading below I found a link to this EFF article from Feb which says in part:
  
  This tracking, discovered by Stanford researcher Jonathan Mayer, was a technical side-effect—probably an unintended side-effect—of a system that Google built to pass social personalization information (like, “your friend Suzy +1'ed this ad about candy”) from the google.com domain to the doubleclick.net domain.
  As a side note, Vanilla cookie extension for Chrome is awesome.
50. Re:Jail Time? by Anonymous Coward · 2012-07-11 05:35 · Score: 0
  
  What law did they break?
51. Re:Jail Time? by Anonymous Coward · 2012-07-11 05:48 · Score: 0
  
  Better idea. Don't use Google and / or their products.
  After pulling this sneaky bullsh*t, why on Earth would I trust their Chrome browser ? It's become obvious their mantra of " Don't be evil " conclicts with money making potential if they bend or break the rules a little bit. Guess which idea is winning . . .
  Guess their new mantra should be " Nice guys finish last " :/
52. Re:Jail Time? by StripedCow · 2012-07-11 05:54 · Score: 1
  
  There are some downsides to jailtime, as others pointed out.
  A better penalty may be a temporary sales ban. In the case of Google, I would say a good penalty would be to disconnect them from the internet for a week or so.
  And of course, we adhere to the adagium: three strikes and you're out!
  
  --
  If Pandora's box is destined to be opened, *I* want to be the one to open it.
53. Re:Jail Time? by Anonymous Coward · 2012-07-11 05:55 · Score: 0
  
  True Programmers use Gamemaker. Those that don't use Gamemaker and claim to be programmers are False Programmers.
54. Re:Jail Time? by Anonymous Coward · 2012-07-11 06:19 · Score: 0
  
  You mean just putting Safari developers away? How is this google's problem is privacy settings in-the-browser aren't doing their job?
55. Re:Jail Time? by TheRaven64 · 2012-07-11 06:55 · Score: 1
  
  Also "real programmers" don't have degrees, but public schools require not just bachelors but masters legally to teach
  Very few programmers I've met who work at Google had fewer than two degrees. I'm not sure where all of these 'real' programmers are working, but apparently not at Google.
  
  --
  I am TheRaven on Soylent News
56. Re:Jail Time? by TheRaven64 · 2012-07-11 07:08 · Score: 1
  
  Google has 33,077 employees, so the cost of imprisoning Google for one year would be around $2.3bn. This fine is about 3.5 days in prison for Google at that rate.
  Note, however, that you are looking at the cost to the state of putting someone in prison, not the cost to the person. People in prison don't earn anything, but still have many of their expenses (mortgage and insurance if they have a house, storage for their possessions if they don't). Google's annual revenue is almost $40bn, so the cost to them of a year's imprisonment would be $40bn. By that metric, this is the equivalent to imprisoning them for just under 5 hours: hardly a fine of sufficient magnitude to provide an incentive not to do it again. On the other hand, I expect that the EU will fine them significantly more.
  
  --
  I am TheRaven on Soylent News
57. Re:Jail Time? by shentino · 2012-07-11 07:42 · Score: 1
  
  And then you have an agency with an incentive to fine someone just to give their own budget a boost.
  Better yet is to make all criminal and civil fines devoted to paying off the national debt.
58. Re:Jail Time? by war4peace · 2012-07-11 07:58 · Score: 1
  
  The Privacy settings ARE doing their job... to some extent. If you find a loophole that obviously wan't intended to be there, you report it rather than exploit it. If I find out that the online banking solution that I use allows me to circumvent it to fill my coffers and I do that, it's a felony, regardless whether their implementation is buggy or not.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
59. Re:Jail Time? by war4peace · 2012-07-11 08:00 · Score: 1
  
  My post wasn't aimed at Google specifically but rather all companies who mess up like this intentionally.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
60. Re:Jail Time? by war4peace · 2012-07-11 08:03 · Score: 1
  
  I was expecting people to extract the essence of my analogy, not take it ad literam.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
61. Re:Jail Time? by Anonymous Coward · 2012-07-11 09:40 · Score: 0
  
  I can tell by lucidity of your reply that you've yet to see the bedroom.
62. Re:Jail Time? by MacAndrew · 2012-07-11 10:03 · Score: 1
  
  Piercing the corporate veil is for extreme abuses and rarely done — or the corporate form would be meaningless. Believe me, MUCH easier said than done. Especially when the defendant has essentially unlimited legal resources.
  I'm not making an argument about what is right, just the law. Obviously corporations sometimes get away with (virtual) murder.
63. Re:Jail Time? by gmanterry · 2012-07-11 12:01 · Score: 1
  
  You can't just make up a number for a fine.
  You can't? How much does it cost to if you get caught downloading a song these days? If individual fines for each instance of the infraction were levied on Google, then the fine would indeed be massive. Only us little guys get individual, massive fines.
  
  --
  Since when is "public safety" the root password to the Constitution?
64. Re:Jail Time? by yenot · 2012-07-13 02:40 · Score: 1
  
  I don't think anyone needs jail time, but if you need a head on a stake, throw apple engineers in jail for making a buggy browser. Google's JavaScript was running in an iframe element. Iframe elements from a non-origin server (i.e. not the page URL) were prevented from writing cookies using JavaScript, but when Google's code made ajax calls for setting the +1 button, the HTTP POST operation was sending/receiving cookies with Google's servers in the HTTP headers. This was a browser bug that borders on gross negligence, not a subtle problem that Google "hacked" around. "Hacking" would have been required to make the browser behave the way it was supposed to, not the other way around.
65. Re:Jail Time? by war4peace · 2012-07-13 15:42 · Score: 1
  
  ...And that's why Google was tried and found guilty. AND they agreed to pay the fine. Because it was NOT their fault.
  Have you even read TFA?
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
Okay, I'm glad to see this, but ... by Daniel+Dvorkin · 2012-07-11 03:03 · Score: 5, Insightful

... like most corporate fines, the number seems absurdly low. $22.5 million is about 0.06% (not 6%, 0.06%, six hundredths of a percent) of Google's 2011 revenue. This would be equivalent to fining the average person about twenty bucks, which isn't much of a deterrent when there's serious money to be made by breaking the rules. Until fines for these kinds of violations at least come close to matching the potential profit, the behavior isn't going to change.

--
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
1. Re:Okay, I'm glad to see this, but ... by vlm · 2012-07-11 03:12 · Score: 0
  
  ... like most corporate fines, the number seems absurdly low. $22.5 million is about 0.06% (not 6%, 0.06%, six hundredths of a percent) of Google's 2011 revenue. This would be equivalent to fining the average person about twenty bucks, ...
  
  That's not $20 a person like you say, thats like $1 million per actual real world Safari user.
  Seriously it might ship, but does anyone actually use it? Kind of like "notepad.exe" is theoretically the worlds most widely deployed word processor but no one really uses it. I'd like to see some stats on how many people they were tracking with this. The comparison you're looking for is every victim we track theoretically earns us $10 in revenue per year (optimistically) but the fine works out to 100 years of profits at $1000 per track. Hmm I think that might be an unprofitable line of business, lets put the money toward the "save the igoogle" charity fund instead.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
2. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:14 · Score: 0
  
  I think they should impose fines defined as % of gross worldwide income. Say fine them 20% of their gross worldwide revenue:
  US$ 37.905 billion *.2 = $7.581 billion.
  Profit: US$ 9.737 billion (2011), that means their profit is now $2.156 billion. Their shareholders wouldn't like that.
  To be clear,
  Gross worldwide income would be the sum of revenue from all of Google worldwide, plus the revenue from anything they have a share in defined as a percent. That way, they can't be a 'shell' company that owns 20% of "Google Search Inc" or "Google Ads Inc".
  Actually, fine all the shareholders too, as a % of their gross income.
  That way if "Google Browser Intel" has a gross annual income of $0, they can't get fined for $0, but their owner, "Google" gets fined for 20% of their income.
  Close the loopholes!
3. Re:Okay, I'm glad to see this, but ... by Buccaneer+Waggerstrm · 2012-07-11 03:25 · Score: 1
  
  Yes people use Safari, it's a good browser. It even says in the summary that it's the only browser that doesn't accept cookies from ad networks. It's that good.
4. Re:Okay, I'm glad to see this, but ... by nedlohs · 2012-07-11 03:26 · Score: 1
  
  You're mixing two different things. Either the fine should be based on income in order to make the punishment be of similar "pain", in which case that it can make "serious money" is irrelevant. Or the fine should be based on how much money can be made by breaking the rules, in which case the income of the rule breaker is irrelevant. Or some combination (just you can have both a compensatory and a punitive damages award) of course, but arguing for the former based on the later makes no sense.
  If breaking the rules would be expected to make google $10 million then a $22.5 million fine might well act as a significant deterrent (depends on the chance of being caught and fined) - that doesn't change if google's revenues are $100 million or $100 billion.
5. Re:Okay, I'm glad to see this, but ... by MachDelta · 2012-07-11 03:29 · Score: 2
  
  "Google slashes 10% of workforce in order to recoup costs from fines to keep shareholders happy"
  Shit, like water, always runs downhill.
6. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:32 · Score: 0
  
  Why are the low UID posts always the most pig ignorant? FFS, you couldn't even understand the OP's $20 comment correctly.
7. Re:Okay, I'm glad to see this, but ... by DragonWriter · 2012-07-11 03:33 · Score: 1
  
  ... like most corporate fines, the number seems absurdly low.
  Its actually not a fine, its a settlement without admission of wrongdoing. An actual fine would require the FTC to prove that Google had done something for which it could be fined, which would have involved more public expense at greater risk. (If they had a really strong case, they would have held out for at least a settlement with an admission of wrongdoing, since when finalized such a settlement would have greater value in future proceedings.)
8. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:35 · Score: 0
  
  Speeding tickets should be that way too!
9. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:36 · Score: 0
  
  Surely you jest. The almighty Jobs hath created safari and bequeathed it to the enlightened Apple user, therefore it is the best on the market. Why would one sully their beautiful and curvy mac with inferior non-Jobs software?
10. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:43 · Score: 0
  
  "With sudden budget surplus, US gov't employs thousands of workers around the country"
  It'd also suck money into the gov't's pocket.
11. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 03:48 · Score: 1
  
  Apparently, it DOES accept cookies from ad networks. They should really fix that.
12. Re:Okay, I'm glad to see this, but ... by jo_ham · 2012-07-11 03:48 · Score: 1
  
  Actually yes, I use it all the time. I have Safari and Chrome as my two main browsers (used to be Safari and Firefox).
  Yes, it ships on OS X and I know a fair few Mac users who don't use it (and they all seem to universally use Chrome instead), but Safari is actually not a terrible browser (on the Mac - I cannot speak to the Windows version), so people who use it tend to see no reason to change.
13. Re:Okay, I'm glad to see this, but ... by timeOday · 2012-07-11 03:52 · Score: 3, Interesting
  
  This is all so arbitrary. Oddly enough google's fine of $22.5 million is exactly 1000 times the fine of $22,500 that US courts recently upheld as a reasonable fine for pirating songs - that's per song. So if we held "stealing" a user's surfing habits to be equivalent to "stealing" a copy of a song, google's fine would only cover the first 1000 affected users.
14. Re:Okay, I'm glad to see this, but ... by Tough+Love · 2012-07-11 04:42 · Score: 1
  
  ... like most corporate fines, the number seems absurdly low.
  Commensurate with the offense.
  Apple: "The pOwed our thingy!"
  Government: "You pOwed their thingy!"
  Google: "We didn't know and we didn't mean to. It was an intern."
  Government: "You are fined. Now you know."
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
15. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 04:50 · Score: 0
  
  So, in your mind there are 22.5 Safari users? Are you that much of a Windows or Linux fanboy that you presume that an OS that holds maybe 10% of the total PC market and ships with Safari as the default browser is really only used by 22.5 people?
  That is completely illogical, your faith blinds you to the truth.
16. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 05:04 · Score: 0
  
  But chrome lets Google spy on you, and is slower than Safari. Why would you use it if you have a Mac?
  Apple should really remove the 'Chrome' spyware from the App Store as well.
17. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 06:20 · Score: 0
  
  You don't use notepad?
18. Re:Okay, I'm glad to see this, but ... by Anonymous Coward · 2012-07-11 09:27 · Score: 0
  
  Like all these cases, he didn't just copy a song, he distributed 30 songs to others. From your own link:
  
  During a jury trial in the Massachusetts District Court, Tenenbaum admitted liability for infringing the plaintiffs' copyright for 30 songs he downloaded and distributed via file-sharing software.
  
  I've yet to see a single case were someone was sued from simply downloading a song as you implied. The laws are stupid, the system is broken, but lying about it isn't going to help anything.
Illegal? by Bigby · 2012-07-11 03:05 · Score: 1

Is this illegal because of the DMCA? It is very common for people and companies to circumvent application security. It is usually up to the application to secure itself.
Does this mean that I could sue someone for using some form of XRay glasses? Because my clothes are supposed to prevent people from seeing me naked...
1. Re:Illegal? by Anonymous Coward · 2012-07-11 03:17 · Score: 0
  
  I don't think DMCA applies. No movies or songs were involved.
2. Re:Illegal? by Shompol · 2012-07-11 03:18 · Score: 1
  
  ...someone like TSA. They finally installed naked scanners in JFK. I am not even sure if i can opt out, or if i should.
3. Re:Illegal? by msauve · 2012-07-11 03:22 · Score: 4, Informative
  
  No. It wasn't any sort of active attempt at hacking. It wasn't breaking any encryption. Even the EFF admits it was probably unintended.
  
  Saying Google "used a loophole" is just a loaded way of saying Safari had a bug. The technique had been known for at least two years, and was used by companies other than Google.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
4. Re:Illegal? by Baloroth · 2012-07-11 03:34 · Score: 1
  
  It probably wasn't illegal. Google just realized it would be easier to pay up-front than get involved in a legal dispute over who did what when that would drag out and be all over the news for the next month with headlines like "Did Google Hack Apple Products?" Which you know would happen.
  
  --
  "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
5. Re:Illegal? by SuricouRaven · 2012-07-11 03:49 · Score: 2
  
  The DMCA only applies to security measures intended to restrict access to copyright-protected works. It doesn't apply to security in general.
6. Re:Illegal? by gl4ss · 2012-07-11 06:39 · Score: 1
  
  look, if you find a loophole in say a forums code and start using that to host your files, you're pretty much going to get hosed in court for that even if it didn't include hacking and was just working as intended, while you were using the service in unintented fashion.
  why should a corp be different?
  
  --
  world was created 5 seconds before this post as it is.
7. Re:Illegal? by msauve · 2012-07-11 06:52 · Score: 1
  
  Since when is a browser a website?
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
8. Re:Illegal? by Raenex · 2012-07-11 06:56 · Score: 1
  
  The browser runs on my computer. If I hosted a site that hacked into your computer when you browsed it, by all accounts, legally and ethically, I should be held liable for computer fraud and abuse.
9. Re:Illegal? by msauve · 2012-07-11 08:39 · Score: 1
  
  Nothing about the cookies Google placed had anything remotely to do with hacking or computer abuse or fraud.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
10. Re:Illegal? by Raenex · 2012-07-11 11:02 · Score: 1
  
  Sure it did. A security mechanism was in place to prevent unwanted cookies. Google hacked around it to gain commercially. That's abuse. There's even fraud, because Google made a positive claim that Safari's cookie policy protected their privacy.
  The only difference between a hacker and Google is that Google is a corporation, and corporations in cases like this usually aren't treated as people when it comes to enforcing the law. It's a complete double standard, and people like you are part of the problem.
11. Re:Illegal? by msauve · 2012-07-11 11:33 · Score: 1
  
  Does it hurt when you stretch that far?
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
12. Re:Illegal? by Raenex · 2012-07-11 12:28 · Score: 1
  
  Does it hurt when you hold double standards? What's your explanation for why when Google exploits software on a user's computer for commercial gain that it isn't hacking? First you claim that a browser isn't a website, showing your predisposition to discount what happens on consumer computers. So what's your argument now that Google is allowed to do this legally?
13. Re:Illegal? by msauve · 2012-07-11 12:38 · Score: 1
  
  So, every website that asks your browser to store a cookie is evil? You really don't have a clue. Buh bye.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
14. Re:Illegal? by Raenex · 2012-07-11 12:56 · Score: 1
  
  And somebody that hacks into a website is merely asking to be let in. Google specifically worked around the Safari policy and technical measures that were put in place to prevent what they did. It's really pathetic that you're even taking this angle.
  It's ok, though. I know the cognitive dissonance is too much for you.
What about the users by cubby96 · 2012-07-11 03:06 · Score: 1

If my privacy was violated, what is the effect of this ruling to me? I assume I would receive nothing from the settlement, as it is a penalty/fine. And the fine is probably less than the benefit they received from the advertising they were able to sell. Just a cost of doing business. How disappointing that we can't put some teeth into judgments like this.
1. Re:What about the users by 0racle · 2012-07-11 03:28 · Score: 1
  
  The intended effect would be that Google stops doing that.
  
  Personally, I'm not going to hold my breath.
  
  --
  "I use a Mac because I'm just better than you are."
Not a sentence by k(wi)r(kipedia) · 2012-07-11 03:07 · Score: 1

Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. Google, the largest settlement with FTC over privacy related charges ever.
The part that begins with "Google, the largest settlement" isn't a sentence. Either it's missing a verb or it's a wrongly split part of the first sentence: "Google will settle with the FTC for nearly $22.5 million, the largest settlement with the FTC over privacy-related charges."
1. Re:Not a sentence by NoNonAlphaCharsHere · 2012-07-11 03:53 · Score: 1
  
  Google will settle with the FTC for nearly $22.5 million over its bypassing of Apple's Safari browser privacy settings. Google, [????] the largest settlement with [the] FTC over privacy related charges ever. By abusing [a] privacy hole in Safari, Google circumvented user settings to show them [the user settings] advertising and track the users, 'Safari, unlike other browsers, blocks cookies from ad networks like Google's. But because of a loophole[^Wvulnerability], Google had been able to avoid[^Wcircumvent] the block, as researchers discovered in February. It [the loophole/Google/the block/researchers] installed cookies and tracked Safari users across the Web to show them personalized ads.'
2. Re:Not a sentence by k(wi)r(kipedia) · 2012-07-11 13:08 · Score: 1
  
  Yes, I also noticed the other sentence construction errors but chose to focus on what I thought was the most obvious, even to people whose first language isn't English. I don't mind the usual typos and grammatical mistakes, so long as they don't have me scratching my head over the wrong or missing words. But this has to be one of the most poorly written stories I've read thus far.
Designated Felon by Aqualung812 · 2012-07-11 03:08 · Score: 5, Interesting

The EPA already attempts to do this using what has been termed the "designated felon".
The idea is that if there are severe environmental damages, the company has to have someone designated as the person that will do jail time. The idea is that this person is in charge of setting and enforcing the policies that will keep her out of jail.
It even allows someone that violates the policies to be the one that serves jail time. In other words, the DF says "you must do this", and if you ignore that, you do the time.
However, this isn't enforced as much as it should be, and I'm not aware of any other use of this idea outside EPA regulations.

--
Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
1. Re:Designated Felon by Daniel+Dvorkin · 2012-07-11 03:14 · Score: 1
  
  And at a guess, the DF is rarely the person who actually made the decision, but instead the one who implemented it. Solicitation is a crime in itself, as a guy whose name I happen to find interesting found out recently, but that legal principle seems to go out the window when corporate money is involved.
  
  --
  The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
2. Re:Designated Felon by Anonymous Coward · 2012-07-11 03:36 · Score: 1
  
  Don't mod parent down, if you know what's good for you ;)
3. Re:Designated Felon by Old97 · 2012-07-11 03:55 · Score: 0
  
  I wonder how much a job like that pays? Can one apply for it? "Hi, I'd like to apply to become your designated felon. I want a company car, a nice salary and conjugal visits if I do time."
  
  --
  Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
4. Re:Designated Felon by Daniel+Dvorkin · 2012-07-11 04:11 · Score: 1
  
  Good point. Maybe I should put that link in my .sig line.
  
  --
  The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
Remember, kids by Swampash · 2012-07-11 03:11 · Score: 0

Do no evil!
1. Re:Remember, kids by Anonymous Coward · 2012-07-11 03:17 · Score: 0
  
  Incorrect. Google's informal slogan is, "Don't be evil."
  Seriously, why is that so hard for people to remember?
2. Re:Remember, kids by Anonymous Coward · 2012-07-11 03:21 · Score: 0
  
  Incorrect. Google's informal slogan is, "Don't be evil."
  Seriously, why is that so hard for people to remember?
  Because the REAL quote makes it harder to make childish, snarky remarks about them?
  A Soundbite-Based Worldview: We always acted so smug, as if the nerd world was immune to it...
3. Re:Remember, kids by b5bartender · 2012-07-11 03:22 · Score: 1
  
  Why is it so hard for Google to remember?
4. Re:Remember, kids by Swampash · 2012-07-11 03:59 · Score: 1
  
  Because Google seems unable to remember it either?
Google, the largest settlement with FTC over... by Anonymous Coward · 2012-07-11 03:13 · Score: 0

"Google, the largest settlement with FTC over privacy related charges ever. "
Excellent, I agree.
1. Re:Google, the largest settlement with FTC over... by Anonymous Coward · 2012-07-11 03:17 · Score: 0
  
  I googled it and I got this thread!
To Google, that is 'chump change'... by bogaboga · 2012-07-11 03:14 · Score: 1

...and will be taken as the a cost of doing business. Nuf said.
1. Re:To Google, that is 'chump change'... by Tough+Love · 2012-07-11 04:45 · Score: 1
  
  I think you're talking about Microsoft. Google is not nearly that far gone... they can still be shamed into doing the right thing.
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
2. Re:To Google, that is 'chump change'... by Anonymous Coward · 2012-07-11 05:19 · Score: 0
  
  Suck a dick, cock faggot. Could we have one article without some shit sack like yourself playing the MS card? Fucking die.
3. Re:To Google, that is 'chump change'... by Tough+Love · 2012-07-11 05:21 · Score: 1
  
  Suck a dick, cock faggot. Could we have one article without some shit sack like yourself playing the MS card? Fucking die.
  Hi Steve, Is that you?
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
4. Re:To Google, that is 'chump change'... by Anonymous Coward · 2012-07-11 07:36 · Score: 0
  
  Are you 6 years old or 7? I ask merely for information.
It WAS a pain in the ASS! by Anonymous Coward · 2012-07-11 03:18 · Score: 0

Because of that fine, Apple will have to use the cheap toilet paper for a whole DAY! YOU try to develop with a sore anus!
1. Re:It WAS a pain in the ASS! by Anonymous Coward · 2012-07-11 03:34 · Score: 0
  
  Umm, Google was the company that ignored the settings on Apple's browser. Google is being fined, not Apple.
  Do you lack the ability to comprehend simple sentences, or is your hatred of Apple the issue? ::sigh::
2. Re:It WAS a pain in the ASS! by Savage-Rabbit · 2012-07-11 04:16 · Score: 1
  
  Because of that fine, Apple will have to use the cheap toilet paper for a whole DAY! YOU try to develop with a sore anus!
  Umm, Google was the company that ignored the settings on Apple's browser. Google is being fined, not Apple.
  Do you lack the ability to comprehend simple sentences, or is your hatred of Apple the issue? ::sigh::
  I's called a 'Freudian slip'.
  
  --
  Only to idiots, are orders laws.
  -- Henning von Tresckow
Marvelous! by multicoregeneral · 2012-07-11 03:19 · Score: 1

The FTC should be on top of this stuff. But 22 million dollars is nothing for Google. They make that in about ten minutes.

--
This signature intentionally left blank.
So Safari's privacy setting doesn't work as by Scyber · 2012-07-11 03:20 · Score: 2, Interesting

it is supposed to and Google gets fined? Shouldn't Apple also get fined? Submitting hidden forms is not an unknown concept in web development. Its not like Google hacked the users computer and changed the Safari settings. The settings were broken if they didn't block this. I'm not saying I agree with what Google was doing, I just think there were some serious issues with Safari's privacy settings if they allowed this in the first place.

I also don't think Google is the only company doing this. I actually had an interview with an ad company a few months back where they actually bragged about how they could track Safari users despite the default privacy settings. I never followed up on it, but I'd imagine it is something similar. I didn't take the job (for other reasons).
1. Re:So Safari's privacy setting doesn't work as by Flipao · 2012-07-11 03:25 · Score: 1
  
  Well maybe others were doing it but Google did get caught red handed.
2. Re:So Safari's privacy setting doesn't work as by gnasher719 · 2012-07-11 03:41 · Score: 4, Insightful
  
  it is supposed to and Google gets fined? Shouldn't Apple also get fined?
  
  You go to jail for burglary. You don't go to jail for selling locks that a highly experienced burglar can open. Apple did provide security against Random J. Hacker, they just didn't provide enough security against a multi billion dollar company working hard to break the security.
  
  I bet if you built a safe then Google could find someone who manages to open it as well.
3. Re:So Safari's privacy setting doesn't work as by jo_ham · 2012-07-11 03:52 · Score: 2
  
  If a thief breaks into your house should you be fined because your door was too easy to open?
  The attempts to justify Google's actions on slashdot over this whole affair have been staggering.
  They did something they weren't supposed to, and are now facing the consequences. Sometimes that happens
4. Re:So Safari's privacy setting doesn't work as by Anonymous Coward · 2012-07-11 04:00 · Score: 0
  
  Yes, using a hidden Form is standard practice. The reason for this is that there are many basic Javascript functions that assume you are inside a Form as part of their operating context. Since more and more modern pages use AJAX instead of forms, they create a hidden Form in order to provide those Javascript functions with the context they rely on. It's really annoying, but that's just the way Javascript was setup.
5. Re:So Safari's privacy setting doesn't work as by Anonymous Coward · 2012-07-11 04:01 · Score: 1
  
  Yeah, let's blame the victim! He didn't stop me doing something bad so it's his fault!
6. Re:So Safari's privacy setting doesn't work as by Scyber · 2012-07-11 04:19 · Score: 1
  
  You would be fined if you sold locks that were advertised as "Blocking all burglars" and they didn't.
  
  And don't think what google did was that innovative. As other articles linked in these comments show, this methodology is used by at least a half dozen other ad firms. The fact that form submissions get around the 3rd party blocking rules is something that was discussed in webkits bug tracking system in 2010 and is publicly available. Apple employees even commented on the policy and seemed to be ok with the "weak third-party blocking" implementation. So lets not blow things out of proportion and contend that only multi-billion dollar companies could have figured it out.
  
  As I said, I don't agree with what Google was doing, I just fail to see how Apple isn't at fault here also.
7. Re:So Safari's privacy setting doesn't work as by Anonymous Coward · 2012-07-11 04:34 · Score: 0
  
  Just because something is possible doesn't mean that you should or legally can do it. Don't blame the victim.
  There's kind of a fox guarding the hen house issue here in that Google works on the webkit project. Since the iframe exploit was well known because of facebook developers I feel like there wasn't anything malicious happening within Google, but it just strikes me as a problem just waiting to explode.
8. Re:So Safari's privacy setting doesn't work as by Tough+Love · 2012-07-11 04:48 · Score: 1
  
  they just didn't provide enough security against a multi billion dollar company working hard to break the security
  I do believe you're exaggerating the difficulty of setting an evil Safari cookie.
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
9. Re:So Safari's privacy setting doesn't work as by moeinvt · 2012-07-11 05:24 · Score: 1
  
  Putting cookies on people's computers is hardly analogous to stealing stuff from people's house.
  This is more like Apple building an invisibility cloak (i-Cloak?) and then fining Google because they're able to see you and follow you around.
10. Re:So Safari's privacy setting doesn't work as by Anonymous Coward · 2012-07-11 05:28 · Score: 0
  
  I saw an article at another site today that more malware has been discovered in the Google Play Store - and it's been there for months with a significant number of downloads.
  By your logic that is Google's fault.
11. Re:So Safari's privacy setting doesn't work as by Anonymous Coward · 2012-07-11 09:32 · Score: 0
  
  If a thief breaks into your house with an armed security system that the criminal just presses the off button without entering in an unlock code, is the alarm company ALSO at fault for providing a false sense of security (and possible liability)?
12. Re:So Safari's privacy setting doesn't work as by jo_ham · 2012-07-11 09:48 · Score: 1
  
  If a thief breaks into your house with an armed security system that the criminal just presses the off button without entering in an unlock code, is the alarm company ALSO at fault for providing a false sense of security (and possible liability)?
  Presumably, yes, but that's not what Safari does. It had an exploitable hole (like, an easy to bypass alarm system, for example), and Google exploited it. It's not the first piece of software with security holes, it won't be the last.
13. Re:So Safari's privacy setting doesn't work as by Branciforte · 2012-07-12 05:51 · Score: 1
  
  Right, so, let me get this straight. Google is so clever, that two year in advance, in 2009, they wrote a help page, knowing that much later on Apple would introduce a bug in Safari that this web page could exploit.
  THAT, is very impressive. It's amazing what a multi-billion dollars can do.
14. Re:So Safari's privacy setting doesn't work as by metrix007 · 2012-07-12 22:25 · Score: 1
  
  It wasn't a vulnerability, it was a deliberate design decision that came to bite them in the ass. It was the default behavior and was described as such, only now that it was exploited is it considered a vulnerability.
  Making excuses for Google is bad, but then so is making excuses for Apple. Worse so, in this case.
  
  --
  If you ignore ACs because they are anonymous - you're an idiot.
15. Re:So Safari's privacy setting doesn't work as by jo_ham · 2012-07-13 10:50 · Score: 1
  
  It wasn't a vulnerability, it was a deliberate design decision that came to bite them in the ass. It was the default behavior and was described as such, only now that it was exploited is it considered a vulnerability.
  Making excuses for Google is bad, but then so is making excuses for Apple. Worse so, in this case.
  How can you say that is wasn't a vulnerability?
  The setting was specifically designed to block third party tracking cookies, but you could get around that by tricking the browser into thinking the cookie was first party with the invisible form submit trick. The only reason Google were doing this was to set tracking and advertising cookies on people's machines who had the "do not track me with advertising cookies" setting checked. If they didn't have that setting on (eg, had the "accept all cookies" option checked then they wouldn't have needed to take deliberate action.
  I'm not excusing Apple's security hole - it's clear that the security model was broken by someone not considering that advertising companies like to think deviously, and a really obvious method would be to try to trick the browser into allowing the cookie under the more permissive criteria. Apple absolutely should have checked to see what would happen in situations such as that.
  However, when you boil it down, Google deliberately went out of their way to get around people's privacy settings in a "Do Evil (tm)" way, and the excuses I've seen on slashdot trying to justify that behaviour have been staggering. I think the winner was the guy trying to claim that because Apple makes it the default setting on Safari that Google was justified in ignoring it because "how could google know what people really wanted?"
  Astonishing.
16. Re:So Safari's privacy setting doesn't work as by metrix007 · 2012-07-13 17:14 · Score: 1
  
  I'm not saying that what Google did was right, but it isn't them exploiting a vulnerability.
  The Apple designers designed the third party handling of cookies to be how it was. It wasn't a glitch or something unknown, it was expected behavior. So Google was able to use this expected behavior to track users who thought they were safe.
  I don't consider it a vulnerability simply because it was designed in. It was being used in exactly the way that it was designed to be used. Google took advantage of a dumb design decision, they didn't find and exploit a vulnerability. Arguably that is just semantics, although I think there is quite a distinction between the two.
  I don't think what Google did was particular evil. It was..asshatish..but not evil. If they had actually exploited a vulnerability then that would be a different matter. But simply submitting a form to be able to place a cookie when that is what the browser allows by design...well, that is mainly the fault of the browser.
  
  --
  If you ignore ACs because they are anonymous - you're an idiot.
Individual users can sue by k(wi)r(kipedia) · 2012-07-11 03:22 · Score: 1

Or file a class-action suit if they feel it's worth a damn. The FTC ruling is more of a regulatory move. The FTC isn't a court, and so you won't see the fabulous sums bandied about in law suits.
Lauren Weinsteins explanation by IamTheRealMike · 2012-07-11 03:23 · Score: 2

This article has an interesting writeup of what happened, for those who are interested in the details.
don't be evil by circletimessquare · 2012-07-11 03:24 · Score: 1

i mean, er, don't be really evil*
*we made need to add another really in there at some point

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
wrong question by Anonymous Coward · 2012-07-11 03:25 · Score: 5, Insightful

question is, why aren't they fining anyone else who did this? Google is not the only one. I suppose nobody realized Microsoft made the complaint while doing it themselves along with facebook?
Summary grammar by Anonymous Coward · 2012-07-11 03:25 · Score: 0

Summary grammar is very poor. Can't someone that can write proper English double check a summary before it is posted?
Government's Role in "Internet Freedom" by eldavojohn · 2012-07-11 03:28 · Score: 4, Insightful

After seeing how Slashdot reacted to Ron Paul realigning his priorities, I think it's worth noting that "internet freedom" means taking the bad with the good. On the one hand, everyone noticed that SOPA would be an impossibility with the Pauls' new proposition. On the other hand, fines like these or even investigations to what Google or Safari or users are doing on the internet would be completely outside of the government's jurisdiction and as such would requires users to punish Google for these Safari abuses. And it is my opinion that the free market would not only care little about such an issue but be powerless to stop the largest online search provider.

So remember when you get excited about things like:

The manifesto, obtained yesterday by BuzzFeed, is titled "The Technology Revolution" and lays out an argument — in doomsday tones —for keeping the government entirely out of regulating anything online, and for leaving the private sector to shape the new online space.
You need to consider this story and how the private sector will abuse privacy left and right if it drives up revenues. With not even a public slap on the wrist from the government, you are faced with individuals playing a PR campaign against massive corporations. That rarely ends well for the individuals and the users.

--
My work here is dung.
1. Re:Government's Role in "Internet Freedom" by Anonymous Coward · 2012-07-11 04:21 · Score: 0
  
  would requires users to punish Google for these Safari abuses
  As they should! Why do we constantly allow huge corporations like Google, Sony, Apple, and Facebook to get away with what they do? Why is anyone still giving money to any of those corporate entities, given their history?
2. Re:Government's Role in "Internet Freedom" by Bigby · 2012-07-11 04:48 · Score: 1
  
  The people won't think twice because we don't really care. It is a freakin' cookie. Just because you and some others don't like it, doesn't mean it should be enforced by a government.
  I swear we are going to wind up with laws that prevent a person from staring at someone for more than 10 seconds. It will be punishable with community service, which will be to clean the parking lot of some major private corporation.
Told ya. by shiftless · 2012-07-11 03:51 · Score: 1

Google is evil.
What about everyone else? by Col.+Klink+(retired) · 2012-07-11 03:55 · Score: 2

Google wasn't the only one using this widely publicized bug in Safari? According to the original WSJ article:

The coding also has a role in some Facebook games and "apps"---particularly if the app wants to store a user's login information or game scores. In fact, a corporate Facebook page for app developers called "Best Practices" includes a link to Mr. Garg's blog post.
So, how large of a fine is Facebook going to pay?

--
-- Don't Tase me, bro!
Re:Lazy programming by Calibax · 2012-07-11 03:55 · Score: 1

No, Google is being fined for taking advantage of a bug in Apple's software to make money, rather than reporting the issue to Apple so they could fix it. Heck, there's even a menu item in Safari to "Report bugs to Apple..." You seem to be blaming the victim for the poor choices of the person taking advantage of them - if someone accidentally leaves a window unlocked that doesn't translate into a right to burgle the house.
Unethical is one way to describe Google's behavior. Another way to describe it is criminal, as clearly Google was obtaining unauthorized access to a computer. You know, the sort of thing that gets people time in prison.
That's a problem with corporate law - companies have all the rights of people, but only one real responsibility - to make money. Minor fines for major infractions do not deter criminal behavior.
Re:Lazy programming by Old97 · 2012-07-11 03:57 · Score: 1

And if you don't have good locks on your front door or if you leave a window open then whomever steals all your stuff shouldn't be prosecuted. They can keep your stuff as well.

--
Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
Idealist by Anonymous Coward · 2012-07-11 04:00 · Score: 0

Powerful men use their power to avoid taking responsibility for their actions. It is harmful, unfair, and wrong as wrong can be. It is also how the world actually works. It has always been this way, and always will be.
Complain all you want, this will *never* change.
1. Re:Idealist by war4peace · 2012-07-11 04:26 · Score: 1
  
  I know. That's why I'm writing on Slashdot instead of lobbying for it out there on the streets :)
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
No exploit by mshenrick · 2012-07-11 04:16 · Score: 1

Form what I remember, safari blocks third party cookies by default. Google used a trick to make it accept them that didn't really 'exploit' the software, as it was not really a bug. It's Apple's fault for having a browser with that flaw! You are responsible for code running on your computer. You cannot force a computer to accept a cookie! And sending cookies is not a crime!
1. Re:No exploit by cockpitcomp · 2012-07-11 04:45 · Score: 1
  
  "Google used a trick" and not an "exploit". Because by this logic virus creation is OK as well. You can't force a computer to accept a virus, you just "trick" it. Or are those security holes are really just features for accessing the machine. You don't think it is too much to expect each user to understand every line of machine code shoveled at them? Really? Didn't really think that one through before posting did ya.
From the opposite perspective by avandesande · 2012-07-11 04:28 · Score: 1

If you reverse things this is like a person getting fined because they purposely accessed information on a public web server that was exposed by accident.

--
love is just extroverted narcissism
1. Re:From the opposite perspective by Anonymous Coward · 2012-07-11 05:16 · Score: 0
  
  Yes, back in the heyday of website cracking, there were many exploits like http://example.com/vulnerablecgi?foo=../../../../../../etc/passwd
  If you deliberately exploit a security/privacy measure due to an implementation mistake, then you should be held accountable.
Google was on probation by Anonymous Coward · 2012-07-11 04:28 · Score: 0

Google wasn't the only one using this widely publicized bug in Safari? According to the original WSJ article:

The coding also has a role in some Facebook games and "apps"---particularly if the app wants to store a user's login information or game scores. In fact, a corporate Facebook page for app developers called "Best Practices" includes a link to Mr. Garg's blog post.
So, how large of a fine is Facebook going to pay?
The thing was, Google was already under an FCC settlement because of violating privacy policies in the past:
http://www.ftc.gov/opa/2011/03/google.shtm. This means that Google can get in trouble for doing things that other companies get away with. It's also why the "Oh, we didn't know that our tracking cookies were sticking where people didn't want them" excuse doesn't fly; they were subject to special rules and they were supposed to be making super extra double sure that they didn't do anything to impinge upon users' privacy.
Sort of like how some convicted drunk drivers have driving restrictions that the rest of us don't.
1. Re:Google was on probation by Col.+Klink+(retired) · 2012-07-11 04:34 · Score: 2
  
  > The thing was, Google was already under an FCC settlement because of violating privacy policies in the past
  Uh huh. And so is Facebook:
  http://www.ftc.gov/os/caselist/0923184/111129facebookagree.pdf
  
  --
  -- Don't Tase me, bro!
Reminder to Google by moeinvt · 2012-07-11 04:32 · Score: 1

It's an election year. Better pay up on your protection money *cough* "campaign contributions" sometime between now and November.
1. Re:Reminder to Google by shentino · 2012-07-11 07:40 · Score: 1
  
  http://www.google.com/policies/privacy/ads/
How does this make any sense? by rmac1813 · 2012-07-11 04:46 · Score: 1

How do you levy fines against Google (or any company for that matter) for exploiting *in a non-harmful way* Apple's fuck-ups? If Apple wanted their browser to truly block cookies then there should not be a way around it. It's not like Google was deploying malicious code.. The punishment fits the 'crime' -- if you care to absurdly call it a crime.. :thumbsdown: once again to the FTC. ugh

--
Progress defines me
Finally by Anonymous Coward · 2012-07-11 04:56 · Score: 0

Google Does Know Evil
Google account opt out? by shentino · 2012-07-11 05:02 · Score: 1

Wasn't there something about an opt out/opt in setting on your google account for off-site tracking?
I think here the FTC just wanted an excuse to fine GOOG.
I think people are just surprised google was able to track them on an iphone, whether or not they consented to it or not.
This is why people think Apple invented everything by Solandri · 2012-07-11 05:04 · Score: 0

'Safari, unlike other browsers, blocks cookies from ad networks like Google's.
Because irresponsible members of the press attribute features which originated in Opera and Firefox to Apple. A few years later it'll turn out Opera and Mozilla never bothered patenting cookie blocking because it was so obvious, but Apple did. Then Apple will sue them and get an injunction against their products for something they had first.
Re:This is why people think Apple invented everyth by Anonymous Coward · 2012-07-11 05:34 · Score: 0

Two words: Prior Art
Re:This is why people think Apple invented everyth by Anonymous Coward · 2012-07-11 06:43 · Score: 0

Two words: Prior Art
How adorable. And those two words would magically undo the months/years of lost time and money spent in trial when Apple starts up the iLitigate?
Oh, wait, sorry, I forgot, those two words also summon hordes of cash to the defendant so that the trial can go that long in the first place without bankrupting them. So everything will just be fine! After all, there's thousands of other developers out there, and they're all the same, so what's a few lost months or years on a small group of them, I mean, really.
naked scanners? by Anonymous Coward · 2012-07-11 07:43 · Score: 0

They finally installed naked scanners in JFK
Please tell us what scanners that are naked look like.
By the way, it's "I", not "i". I know that it takes an awful lot of effort, but you can press one of the keys marked "Shift" when you type the letter "I" (just think: do that and you'll be able to fool some people into thinking that you have a clue).
Next week, we'll discuss counting without using your fingers. That way, you can keep one in your nose as usual.
1. Re:naked scanners? by Shompol · 2012-07-11 08:31 · Score: 1
  
  Grammar Nazi strikes again! It is because of people like you that we delay the orxogrefkl riform, and wi dont hev a lojikl, kohirnt speling in ius xrewawt xe Ingliy-spiking werld
Re:Lazy programming by Anonymous Coward · 2012-07-11 09:35 · Score: 0

uh, all companies involved were fully aware of this "exploit" and nobody fixed it. If google is not ethical, the APL's is negligent (for at least two years they were aware of this workaround).