Google has announced it will destroy billions of data records to settle an ongoing lawsuit in which plaintiffs accused the tech firm of tracking search activity improperly.
The move follows allegations that Google tracked the search data of users operating in Chrome’s private browsing - or ‘incognito’ - mode without clearly stating that it would be doing so in privacy disclosures.
Google tried unsuccessfully to have the case dismissed in the summer of 2023 following the lawsuit’s inception in 2020, claiming that users were adequately informed of data collection.
In the most recent development of the case, however, a settlement has been passed that will see Google forced to delete data and update its privacy policies.
Google will destroy the billions of ill-gotten records it secured while also updating disclosures for its private browsing capabilities to clearly describe what data it collects. It will now also give users the option to disable third-party cookies within this function.
These latest terms which hold Google to account, filed in a California federal court, now await approval from US district judge Yvonne Gonzalez Rogers.
Google penalties are part of a wider wake-up call for businesses
In this case, Google was found to have been unclear about its data access and usage, leaving it open to a level of legal action that helps establish an important precedent for enterprises.
With consumers increasingly aware of their privacy rights, businesses can ill afford to shirk responsibilities, according to Stephanie Liu, senior analyst at Forrester.
“The rise of privacy-oriented class action lawsuits and complaints shows consumers are increasingly privacy savvy and taking action,” Liu said.
“Transparency is critical — companies have to explain how data is shared and used,” she added.
Going forward, companies will need to ensure that they are open and honest about where and how they are tracking data, as violations such as these will leave enterprises vulnerable to accusations of data misuse, Liu noted.
Minimize the risks related to data loss and other security events
“There has been a steady drumbeat of complaints, lawsuits, and regulatory action centered on companies collecting or sharing customer data in unexpected ways,” she said.
“The Google Chrome settlement is part of a broader trend of consumers filing complaints about their data being used in ways they don't expect."
Meta, for example, found itself caught up in the growing trend of class action privacy cases when it was forced to pay $725 million in 2022 over its handling of personal user information with Cambridge Analytica.
Though Meta did not admit its guilt as part of the settlement, this was still the largest-ever monetary sum paid as part of a privacy lawsuit.
Slightly further back, Zoom agreed to pay $85 million to settle privacy claims against it relating to the sharing of personal user data with other firms such as Google, Facebook, and LinkedIn.
This case isn’t Google’s only run-in with privacy regulation in recent memory, as the firm forked out a $391.5 million settlement in 2022 following claims that it was tracking location data improperly.
