The new fine is the latest fallout stemming from Stanford grad student Jonathan Mayer's 2012 report outlining how Google bypassed Safari users' cookie-blocking settings. Mayer also said that Vibrant Media, PointRoll and WPP's Media Innovation Group used the same techniques to circumvent Safari's settings. All of the companies allegedly did so for advertising purposes; none reportedly collected users' names or other so-called personally identifiable information.
Of the companies named by Mayer, only Google was charged by the FTC. But the agency had more ammunition against Google than the others, given that the company indicated in its privacy policy that it didn't track Safari users. The FTC said that Google's statements in its privacy policy amounted to a misrepresentation -- which was especially problematic because Google settled a previous privacy case by promising that it wouldn't misrepresent its practices in the future.
While the FTC and state attorneys general were able to extract fines from Google, consumers who were affected by the hack haven't done that well in court. A group of consumers filed a potential class-action against all four companies named by Mayer, but a federal judge recently dismissed the case against all but PointRoll, which had agreed to settle the allegations. The consumers are now asking the 3rd Circuit to revive the lawsuit.
This latest settlement also requires Google to refrain from bypassing users' cookie controls in the future. The company also must create a “cookie page,” to tell consumers how to manage cookies, and how the company uses them. Doing so potentially could result in more people blocking cookies, but that prospect might be less troubling to Google now than in the past, given reports that it's exploring a way to track Chrome users without cookies.