Google Sued for Invading the Privacy of Millions in UK


Community Manager
Thread author
Staff Member
Oct 23, 2012
Google is being sued on behalf of millions in the UK over privacy violations, after it allegedly secretly accessed their browsing data on iPhones.

The former director of consumer group Which?, Richard Lloyd, is seeking compensation for up to 5.4m Britons in the equivalent of a class-action lawsuit. He alleges that Google circumvented the default privacy settings for Safari on iPhones and iPads between the summer of 2011 and spring of 2012, in a clandestine effort to surreptitiously collect browsing histories of individuals and serve targeted advertising.

The issue was first brought up back in 2013, but Google argued at the time that it did not have to answer to the English courts and that UK privacy laws don’t apply to it, as an American company. But in 2015, Britain’s Court of Appeal ruled that UK consumers do actually have the right to sue Google over the issue, after which the internet behemoth agreed to an undisclosed settlement in a subsequent lawsuit. Lloyd is now bringing a much larger “representative action”—which will pay out £300 to each plaintiff. People who owned an iPhone or iPad during the effective time period will be automatically included in the claim.
The claim is that Google manipulated a feature in Apple’s Safari web browser in order to place the DoubleClick ID Cookie on Apple devices. Allegedly, Google used the ‘Form Submission Rule’ exception within Safari (which allows users to click on Like buttons and similar interactions) to then trick the browser into thinking the user had visited the first-party domain that the DoubleClick cookie is sent from—thus allowing Google to set the ID Cookie and update it as a third-party cookie via other web sites. With that, it became able to trace a user’s browsing history.

“I believe that what Google did was quite simply against the law,” said Lloyd. “Their actions have affected millions, and we’ll be asking the courts to remedy this major breach of trust. Through this action, we will send a strong message to Google and other tech giants in Silicon Valley that we’re not afraid to fight back if our laws are broken.”

Lee Munson, security researcher at said that while the incoming General Data Protection Regulation (GDPR) will do little to change the illegality of collecting personal information without people’s consent, it will up the ante in terms of the financial penalties that could be handed to any company that engages in any such activity.

"Given how Google has previously been fined heavily for monitoring browsing histories, it is not that surprising to learn about its alleged historic collection of data from iPhone users,” he said, via email. “Also, considering how that data was reportedly collected, despite Apple having privacy settings in place to prevent it, it would not be surprising at all to find out that this is not an isolated case.”

He added, “Hopefully, therefore, this will be the last time we hear of any alleged surreptitious data collection from unknowing victims who may have believed they had taken the necessary steps to prevent it occurring."

tim one

Level 21
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
This is not a surprise, Google is everywhere: web browsing, social networking, maps, satellites, etc... Google is in our phone, on our desktop, it is invading every aspect of our lives: personal and commercial relationships. Now Google has a real power on anyone who uses the Network, or virtually anyone in the world.

All of this is simply in its own nature.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.