Google forced to delete billions of incognito browsing records after privacy controversy

The exterior of the new headquarters of Google is seen at 550 Washington Street in Hudson Square on January 09, 2024 in New York City
(Image credit: Getty Images)

Google has announced it will destroy billions of data records to settle an ongoing lawsuit in which plaintiffs accused the tech firm of tracking search activity improperly. 

The move follows allegations that Google tracked the search data of users operating in Chrome’s private browsing - or ‘incognito’ - mode without clearly stating that it would be doing so in privacy disclosures. 

Google tried unsuccessfully to have the case dismissed in the summer of 2023 following the lawsuit’s inception in 2020, claiming that users were adequately informed of data collection.

In the most recent development of the case, however, a settlement has been passed that will see Google forced to delete data and update its privacy policies. 

Google will destroy the billions of ill-gotten records it secured while also updating disclosures for its private browsing capabilities to clearly describe what data it collects. It will now also give users the option to disable third-party cookies within this function. 

These latest terms which hold Google to account, filed in a California federal court, now await approval from US district judge Yvonne Gonzalez Rogers. 

Google penalties are part of a wider wake-up call for businesses

In this case, Google was found to have been unclear about its data access and usage, leaving it open to a level of legal action that helps establish an important precedent for enterprises. 

With consumers increasingly aware of their privacy rights, businesses can ill afford to shirk responsibilities, according to Stephanie Liu, senior analyst at Forrester.

“The rise of privacy-oriented class action lawsuits and complaints shows consumers are increasingly privacy savvy and taking action,” Liu said. 

“Transparency is critical — companies have to explain how data is shared and used,” she added. 

Going forward, companies will need to ensure that they are open and honest about where and how they are tracking data, as violations such as these will leave enterprises vulnerable to accusations of data misuse, Liu noted.

“There has been a steady drumbeat of complaints, lawsuits, and regulatory action centered on companies collecting or sharing customer data in unexpected ways,” she said.

“The Google Chrome settlement is part of a broader trend of consumers filing complaints about their data being used in ways they don't expect."

Meta, for example, found itself caught up in the growing trend of class action privacy cases when it was forced to pay $725 million in 2022 over its handling of personal user information with Cambridge Analytica. 

Though Meta did not admit its guilt as part of the settlement, this was still the largest-ever monetary sum paid as part of a privacy lawsuit. 

Slightly further back, Zoom agreed to pay $85 million to settle privacy claims against it relating to the sharing of personal user data with other firms such as Google, Facebook, and LinkedIn.   

This case isn’t Google’s only run-in with privacy regulation in recent memory, as the firm forked out a $391.5 million settlement in 2022 following claims that it was tracking location data improperly.

George Fitzmaurice
Staff Writer

George Fitzmaurice is a staff writer at ITPro, ChannelPro, and CloudPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.