Google Location Lawsuit: Make Them Pay Until It Hurts

Google is being sued for abusing people’s data again. This time the complaint relates to the revelation that switching off the ‘tracking history’ for various Google services on Android and Apple mobile phones does not mean Google stops tracking the user’s movements, as was first disclosed by an Associated Press investigation published last week. Google tacitly admitted they were at fault by changing the advice on the relevant help page a few days after the story broke. Now San Diego resident Napoleon Patacsil has filed a class action suit for unspecified damages. According to Reuters, Patacsil’s filing argues that Google has violated Californian privacy law and intruded into people’s private affairs.

On the face of it, Patacsil has a strong argument. Why did Google make it so confusing to disable location tracking unless they intended to collect data that people did not want them to have?! The Californian internet giant has plenty of prior form when it comes to grabbing data they are not entitled to.

  • In 2010, Google were found to be using their Street View vehicles to collect data from any unguarded wifi routers within range. In total they collected 600 gigabytes of data in 30 different countries. After being found guilty of privacy violations in the USA they spent the next four years trying to overturn the decision, but ultimately the US Supreme Court refused to hear their appeal.
  • In 2012, Google paid the US Federal Trade Commission a record USD22.5mn civil penalty because of their use of advertising cookies to monitor users of Apple’s Safari browser.
  • UK consumer champion Richard Lloyd, a former Executive Director of the UK Consumers’ Association and Special Advisor to the Prime Minister, is leading a representative action on behalf of the estimated 4 million iPhone users in England and Wales whose privacy was violated because of the Apple Safari abuse. The case is only going forward now because Google tried to shut down UK claims with a confidential settlement of an earlier case, but the Court decided the issues merited a full trial.

If you have not spotted a pattern by now, then there is no helping you. Google uses its enormous financial and legal resources to fight, fight and fight every legitimate claim that it abuses the privacy of customers. It would have been easy for Google to give users a simple on/off switch which meant that none of their location data was tracked. Instead they preferred to obfuscate the truth, hoping to collect data even from customers whose actions clearly indicated they did not want their location to be monitored.

As serious as Google’s wrongdoing has been for years, I fear we have now reached a critical juncture. Their vast wealth means it can afford to spend huge amounts on shaping opinion. Last year Google spent more on lobbying Washington than any other business. They pour money into influencing academic research. And Google already has a stranglehold on deciding which content is presented at the top of search rankings, which is why we must resist the methods used by Google to turn their search engine into everyone’s default choice. Society must disrupt Google’s monopolistic cycle of grabbing the the most data against the will of consumers, monetizing that data, then spending a tiny fraction of that wealth on lawyers, lobbyists, public relations and cronies who secure Google’s abusive dominance. We either do it now, or else risk Google gaining so much influence that they will never be forced to mend their ways.

Consider that Google has effectively taken ownership of at least one politician. US Congressman Ro Khanna is the author of an ‘internet bill of rights’, stated as six basic principles. The first principle is that everybody must have access to the web; any ISP can tell you how expensive it would be to deliver the necessary infrastructure to meet that expectation, especially as this will undoubtedly mean providing higher speeds every year. And the principle of universal access will not be helped by Khanna simultaneously insisting that zero rated services must be considered a violation of net neutrality – presumably meaning everybody must have access to the same services at a price so low that anybody can afford it. But whilst the Congressman is happy to hobble some businesses by demanding they spend more, his statement does not use the word privacy, nor call for any significant improvement or investment to secure people’s data, despite a recent Pew Research survey which found 75 percent of Americans think major technology companies do not do enough to protect the personal data of users.

The way privacy is tangentially handled by the bill of rights is to make specific demands that are focused on the behavior of governments – such as giving tech firms the right to disclose when the government had requested data. Khanna’s principles sidestep the most pervasive issue in privacy rights, which is that tech giants like Google have a lopsided relationship with users, and the consequence is that businesses with effective monopoly power can insist users give them personal data that is irrelevant to the services being provided. Internet platforms can demand personal data as a condition of becoming a user, but the US law puts them under little legal obligation to store it safely or to exert control over the entities they pass that data to, which is why the Cambridge Analytica debacle is considered a scandal for Facebook, as well as the previously obscure marketing business.

Perhaps Khanna was so keen to avoid formulating principles that would cost the big tech firms money because he submitted a draft version for their approval. But how should we rate Khanna’s passion for privacy, compared to that of other politicians? The best answer comes from Khanna himself.

The answer can’t be, on a scale of one to 10, Europe’s [GDPR] regulations [are] a nine, we’re a zero. Why can’t we get to a four or a five?

If the European Union’s new data privacy laws score 9 out of 10, Khanna would be satisfied if the USA adopted equivalent laws worth 4 or 5 on the same scale. Does that sound like the privacy champion you want writing your internet bill of rights?

Khanna’s attitude is easy to explain. The Congressman repeatedly slams the EU’s net neutrality laws for not being tough enough, whilst implying the EU’s privacy laws are too stringent. Does that sound the same as the lobbying position of any large internet company you know? Would you be surprised to learn that Khanna is based less than 20 minutes from Google’s head office? Or that Khanna receives more campaign funding from staff of Alphabet, Google’s holding company, than from any other firm?

Google’s influence is poisonous. The money they make is being recycled into an unassailable market position where they will continue to fund cronies, hire lawyers, oppose justice and pay fines, because this is much cheaper than rethinking the fundamentally unhealthy way they mislead and exploit billions of people. This latest scandal concerning the gathering of location data proves once again that Google are privacy recidivists, incapable of reforming themselves without outside intervention. The EU is one of the few entities mighty enough to stand up to Google, but Americans need their legal system to defend them too, before Google obtains even more sway over their government.

For all the data they gather about people, the leadership of Google has shown themselves to be disconnected from the concerns of ordinary individuals who rightly distrust big businesses that seek to monitor everything we do. To prompt real change the legal penalties they face must become much more severe. Previous fines have been like speed bumps for Google’s runaway juggernaut. The only way to force Google to change direction is to impose such severe financial penalties that it weakens their ability to fight back, and forces them to accept the public will. Now is the time to cause Google so much pain that they finally acknowledge the very real harm they are doing to our society.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.