Google in hot water after allegedly bypassing Apple’s Safari browser privacy settings

Google is facing an inquest after having allegedly been caught bypassing Apple’s Safari web browser privacy settings on iPhone, iPad, and Mac. Google gets the big headline, of course, but Vibrant Media Inc., WPP PLC's Media Innovation Group LLC and Gannett Co.'s PointRoll advertising companies were all named in the report for tracking the web browsing habits of Safari and Safari Mobile users even when users have opted out of such tracking via Safari's cookie settings. According to the Wall Street Journal, Google and the other advertising companies used a special code that tricked Apple’s Safari browser into providing information even though it should have blocked it.

The Google code was spotted by Stanford researcher Jonathan Mayer and independently confirmed by a technical adviser to the Journal, Ashkan Soltani, who found that ads on 22 of the top 100 websites installed the Google tracking code on a test computer, and ads on 23 sites installed it on an iPhone browser.  The technique reaches far beyond those websites, however, because once the coding was activated, it could enable Google tracking across the vast majority of websites

Google issued a statement to the WSJ claiming that it had mischaracterized what had happened and claimed Google had used known Safari functionality to provide features that signed-in Google users had enabled.

Google has since disabled the rogue code after being contacted by The Wall Street Journal. WebKit, the open-source browser engine that powers Safari (as well as Google's Chrome browser) already has a fix in place to prevent the work around, and Apple should be rolling that out to iOS users in a future update.

An Apple official said: "We are working to put a stop" to the circumvention of Safari privacy settings.

This bypass seems specific to Safari because, according to one of the advertisers, no other major web browser blocks their tracking by default. (Which should make any Chrome, Firefox, etc. users race to their settings post haste.)

This should also serve as yet another reminder not to believe companies by the words, but by their deeds. "Don't be evil" or "we care about every customer" is easy to say, and as technology enthusiasts we're predisposed to believe and even vigorously defend the companies we love. But they're big, they're out to make money, and as advertising revenue increases, we become their products, not their customers.

Were you surprised by this news? Is Google getting more of the attention than they deserve because they have the biggest name? How do you feel about companies bypassing Apple's tracking protection?

Source: WSJ


UK editor at iMore, mobile technology lover and air conditioning design engineer.