back to article Google swats away £3bn Safari Workaround ad-tracking cookie lawsuit in Supreme Court victory

Google has successfully fought off a £3bn lawsuit brought in London over ad tracking cookies, beating the Google You Owe Us campaign in the Supreme Court of England and Wales. The case, brought in 2017, had "no real prospect of success", the Supreme Court unanimously ruled this morning, in a devastating blow for organisations …

  1. Paul Smith

    Another "get rich quick" scheme bites the dust

    I bet the lawyers still get paid :)

    1. Dave314159ggggdffsdds Silver badge

      Re: Another "get rich quick" scheme bites the dust

      The lawyers get paid by the litigation funders, who gambled and lost, this time. A win would see a very large share of the damages paid to the funders, because the case was so unlikely to win.

      1. Paul Smith

        Re: Another "get rich quick" scheme bites the dust

        That's exactly what I said and I got a bunch of down votes. Regardless of how scummy you think Google et al. are, this case was not about altruism or defending the poor and downtrodden. It was wasting the courts time in the hope of a big payout.

        1. Anonymous Coward
          Anonymous Coward

          Re: Another "get rich quick" scheme bites the dust

          Why not sue the downvoters for the distress that they have obviously caused you?

  2. LDS Silver badge

    Material damage in the cyber world

    This is the key - how did you measure "material damage" in what is akin a "espionage act"? You may not know what was actually "stolen", and how it was or will be used to damage you. You may understand it months or even years later, and maybe not directly. How easy is for each user to understand, for example, if dynamic pricing is using those data to make them pay more? Because the use of those data is very far from being transparent, it's quite impossible to draw a direct line from the gathered data and any "material damage" a user can incur.

    1. Anonymous Coward
      Anonymous Coward

      Re: Material damage in the cyber world

      I am wondering if any of this behaviour by Google et al, can be classed as voyeurism, or invasion of privacy.

      Since there is no statement or law that indicates that what you do on the internet is private, then it is difficult to stop being tracked.

      With the IPA there is the concern that the government bodies can track your web history, and although all and sundry can see the history (i mean too many allowed), somehow the government are missing that wholesale tracking by corporations is already happening (by foul means too).

      1. LDS Silver badge

        "Since there is no statement or law that indicates that what you do on the internet is private"

        I don't know what privacy laws were in place in 2012 - still the question is exactly that. An invasion of privacy may not bring to immediate "material" damages. That way the court applied a restrictive assessment that it's difficult to apply to a domain that is mostly "immaterial".

        1. LybsterRoy Bronze badge

          Re: "Since there is no statement or law that indicates that what you do on the internet is private"

          I though all the court said was words to the effect of "you made sweeping claims without any proof" sounds fair to me

          1. LDS Silver badge

            Re: "Since there is no statement or law that indicates that what you do on the internet is private"

            The issue here is exactly you can't get any proof unless you force Google to show what it collected and how it used it. Something no user can do, unless they break in Google systems, or a whistleblowers tells it.

            Because this is not a case when direct "material damage" can be caused. The use of those data can harm you - in ways that is very difficult to trace back to the root cause.

            That's why privacy laws punish the collecting and access of data, regardless of any actual "material damage". Or do you mean that if someone steals and publish a database of gun owners, no actual "material damage" occurs until one is killed with one of those guns just stolen?

            You mean you can sue someone installing flammable panels on a building, and you have to wait they put on fire the entire building, then causing "material damage"?

            There are actions that are dangerous per se, and needing to prove they caused and actual material damages is stupid - and dangerous. It could be too late.

            1. msobkow Silver badge

              Re: "Since there is no statement or law that indicates that what you do on the internet is private"

              I think the courts were quite clear that they expected the appelants to collect testimony, not necessarily direct causal evidence. But they didn't even gather enough testimony to demonstrate how this information was purportedly harmful or implemented illegally.

              You can't go around making statements like "obviously illegal" in court filings; you have to demonstrate exactly how something is illegal in a preponderance of related cases.

        2. Gordon 10 Silver badge

          Re: "Since there is no statement or law that indicates that what you do on the internet is private"

          "hat way the court applied a restrictive assessment that it's difficult to apply to a domain that is mostly "immaterial"."

          But that's not what the court said. The court said making no attempt to assess or quantify damages was not acceptable. It wasn't ruling on the extent of materiality - it was ruling on the fact that materiality wasn't attempted to be established - a subtle but important difference.

    2. Dwarf Silver badge

      Re: Material damage in the cyber world

      If there was no gain to Google, then they wouldn't be doing it.

      The person having it done to them is loosing out, since they have lost anonymity and are providing data to Google to monetise, therefore they are loosing out by giving something (under duress) and getting nothing back.

      I wonder if they can turn this argument on its head since people don't do anything for nothing and its generally accepted that its impossible to prove a negative, but it is possible to prove a positive.

      1. dom_f

        Re: Material damage in the cyber world

        Curious as to how this could be considered "under duress"?

        threats, violence, constraints, or other action used to coerce someone into doing something against their will or better judgement

      2. Dave314159ggggdffsdds Silver badge

        Re: Material damage in the cyber world

        The thing is, individually the data is pretty much valueless. There is essentially no quantifiable financial harm caused in any individual case, hence the reliance on other provisions - distress - to claim compensation.

    3. LybsterRoy Bronze badge

      Re: Material damage in the cyber world

      I suggest a course in probability vs possibility

  3. Anonymous Coward
    FAIL

    You fucking liar

    Because...

    "In a statement a Google spokeswoman said: "This claim was related to events that took place a decade ago and that we addressed at the time. People want to know that they are safe and secure online, which is why for years we've focused on building products and infrastructure that respect and protect people's privacy."

    Again, you fucking liar

    1. Jimmy2Cows Silver badge

      Re: You fucking liar

      The article omitted to say if the aforementioned spokeswoman was smiling while she said it.

      1. Cereberus

        Re: You fucking liar

        If she kept a straight face I definitely want to play poker with her.

        I nearly choked when I read this bit, just because it is such a bare faced lie*

        *Unless of course she was referring to all those 'other people' who would collect and abuse your data. Google of course wouldn't as they are such a responsible company.

        *Choke* *Choke* Silence.................

  4. DS999 Silver badge

    That's a high burden of proof

    If you have to show Google made wrongful use of the data or you suffered material harm. How the heck are individual consumers supposed to know what Google is doing behind the scenes? Unless someone in the know leaks documentation/emails that prove their case for them, almost any amount of privacy raping will go unpunished because individual consumers won't be able to prove it hurt them specifically!

    Even with juicy leaks the courts might find for Google because even if they acknowledge doing it in a general sense to everyone, it would still have to be linked to harm to specific people. Sort like if they catch a guy who admits to raping "most of the women in this dorm" but specific women can't produce the DNA evidence to prove they were one of the "most".

    1. ravenviz Silver badge

      Re: That's a high burden of proof

      No thank you for your awful analogy!

    2. Dave314159ggggdffsdds Silver badge

      Re: That's a high burden of proof

      "If you have to show Google made wrongful use of the data or you suffered material harm"

      Eh? Read the judgment. That is not the issue here.

  5. anonymous boring coward Silver badge

    So the takeaway from this is that taking data unlawfully is OK, as long as the one you took it from can't explicitly, and on an individual basis, point to the damage this caused?

    Good to know.

    Glad EU isn't as cowardly and/or bought.

    1. Dave314159ggggdffsdds Silver badge

      "So the takeaway from this is that taking data unlawfully is OK, as long as the one you took it from can't explicitly, and on an individual basis, point to the damage this caused?"

      No, that's the exact opposite of the situation here. The UKSC just said that there is no doubt individual cases can be pursued.

      This story is about a failure to wrap all the individual cases up into a class action by twisting some legal principles. It is clearly not possible to have a class action when the members of the proposed class have suffered very different amounts of damage.

      1. Anonymous Coward
        Anonymous Coward

        Technically correct, however how can individuals afford to take action? They cannot, and no one would take the case either as there would not be a way of demonstrating the level of damage that they they could take payment from. Therefore the court has said fuck it Google can do what they like.

        1. Dave314159ggggdffsdds Silver badge

          Individuals have already done that. This was bandwagon-jumping by the litigation funders based on the previously obtained ruling.

          It doesn't cost anything significant to bring an action where there is already a ruling that directly covers the case. Filing fees, which could be claimed back.

          And you don't need to 'demonstrate the level of damage'; that's what the 'distress' part is about.

  6. Tessier-Ashpool

    Don’t be evil

    Just a thought.

  7. Anonymous Coward
    Anonymous Coward

    Do we really want US litigation culture?

    This will be an unpopular view amongst those who want to see Google’s wings clipped (a group to which I belong) but the judgement may be good for UK law*, in that it upholds the requirement to show damage in order to claim compensation for it. IANAL, but have studied commercial law, UK law requires three things to be proven when seeking compensation:

    - actual damage (which can be broadly interpreted- the Clapham omnibus rule),

    - the defendant had a duty of care, and

    - the defendant’s action (or inaction) led to the damage.

    We are regularly amazed (and sometimes laugh) at the antics in US courts: this decision is one reason we don’t get similar cases in the UK.

    *Strictly speaking, not UK law, as there are differences between, for example, English and Scottish law - but the same principles apply across the jurisdictions.

    1. Dave314159ggggdffsdds Silver badge

      Re: Do we really want US litigation culture?

      "in that it upholds the requirement to show damage in order to claim compensation for it"

      It doesn't. This is a case about whether all the individual claims can be wrapped up into a class action. That's _all_.

      1. LybsterRoy Bronze badge

        Re: Do we really want US litigation culture?

        Answer is still NO!

    2. LybsterRoy Bronze badge

      Re: Do we really want US litigation culture?

      Ah - a headline with a question mark - the answer is NO!

  8. msobkow Silver badge

    The court most certainly did not insist that every individual member file their own suit. They mandated that there has to be evidence and testimony collected from them to demonstrate how they were damaged.

    But it is easy to forget things like "burden of proof" when you've got those multi-billion dollar and pound signs spinning in your empty head...

  9. Omnipresent

    so it's legal

    to break into your home, as long as you don't realize I stole anything. If you can't prove it's missing, then there is no crime.

    Thanks judge, here's your buttcoins.

    PS: NOBODY, not even the military..... NOBODY gets into googles offshore servers. You will never see what they took.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

  • It's a crime to use Google Analytics, watchdog tells Italian website
    Because data flows into the United States, not because of that user interface

    Updated Another kicking has been leveled at American tech giants by EU regulators as Italy's data protection authority ruled against transfers of data to the US using Google Analytics.

    The ruling by the Garante was made yesterday as regulators took a close look at a website operator who was using Google Analytics. The regulators found that the site collected all manner of information.

    So far, so normal. Google Analytics is commonly used by websites to analyze traffic. Others exist, but Google's is very much the big beast. It also performs its analysis in the USA, which is what EU regulators have taken exception to. The place is, after all, "a country without an adequate level of data protection," according to the regulator.

    Continue reading
  • Hangouts hangs up: Google chat app shuts this year
    How many messaging services does this web giant need? It's gotta be over 9,000

    Google is winding down its messaging app Hangouts before it officially shuts in November, the web giant announced on Monday.

    Users of the mobile app will see a pop-up asking them to move their conversations onto Google Chat, which is yet another one of its online services. It can be accessed via Gmail as well as its own standalone application. Next month, conversations in the web version of Hangouts will be ported over to Chat in Gmail. 

    Continue reading
  • I was fired for blowing the whistle on cult's status in Google unit, says contractor
    The internet giant, a doomsday religious sect, and a lawsuit in Silicon Valley

    A former Google video producer has sued the internet giant alleging he was unfairly fired for blowing the whistle on a religious sect that had all but taken over his business unit. 

    The lawsuit demands a jury trial and financial restitution for "religious discrimination, wrongful termination, retaliation and related causes of action." It alleges Peter Lubbers, director of the Google Developer Studio (GDS) film group in which 34-year-old plaintiff Kevin Lloyd worked, is not only a member of The Fellowship of Friends, the exec was influential in growing the studio into a team that, in essence, funneled money back to the fellowship.

    In his complaint [PDF], filed in a California Superior Court in Silicon Valley, Lloyd lays down a case that he was fired for expressing concerns over the fellowship's influence at Google, specifically in the GDS. When these concerns were reported to a manager, Lloyd was told to drop the issue or risk losing his job, it is claimed. 

    Continue reading
  • End of the road for biz living off free G Suite legacy edition
    Firms accustomed to freebies miffed that web giant's largess doesn't last

    After offering free G Suite apps for more than a decade, Google next week plans to discontinue its legacy service – which hasn't been offered to new customers since 2012 – and force business users to transition to a paid subscription for the service's successor, Google Workspace.

    "For businesses, the G Suite legacy free edition will no longer be available after June 27, 2022," Google explains in its support document. "Your account will be automatically transitioned to a paid Google Workspace subscription where we continue to deliver new capabilities to help businesses transform the way they work."

    Small business owners who have relied on the G Suite legacy free edition aren't thrilled that they will have to pay for Workspace or migrate to a rival like Microsoft, which happens to be actively encouraging defectors. As noted by The New York Times on Monday, the approaching deadline has elicited complaints from small firms that bet on Google's cloud productivity apps in the 2006-2012 period and have enjoyed the lack of billing since then.

    Continue reading
  • Google has more reasons why it doesn't like antitrust law that affects Google
    It'll ruin Gmail, claims web ads giant

    Google has a fresh list of reasons why it opposes tech antitrust legislation making its way through Congress but, like others who've expressed discontent, the ad giant's complaints leave out mention of portions of the proposed law that address said gripes.

    The law bill in question is S.2992, the Senate version of the American Innovation and Choice Online Act (AICOA), which is closer than ever to getting votes in the House and Senate, which could see it advanced to President Biden's desk.

    AICOA prohibits tech companies above a certain size from favoring their own products and services over their competitors. It applies to businesses considered "critical trading partners," meaning the company controls access to a platform through which business users reach their customers. Google, Apple, Amazon, and Meta in one way or another seemingly fall under the scope of this US legislation. 

    Continue reading
  • Google recasts Anthos with hitch to AWS Outposts
    If at first you don't succeed, change names and try again

    Google Cloud's Anthos on-prem platform is getting a new home under the search giant’s recently announced Google Distributed Cloud (GDC) portfolio, where it will live on as a software-based competitor to AWS Outposts and Microsoft Azure Stack.

    Introduced last fall, GDC enables customers to deploy managed servers and software in private datacenters and at communication service provider or on the edge.

    Its latest update sees Google reposition Anthos on-prem, introduced back in 2020, as the bring-your-own-server edition of GDC. Using the service, customers can extend Google Cloud-style management and services to applications running on-prem.

    Continue reading
  • Abortion rights: US senators seek ban on sale of health location data
    With Supreme Court set to overturn Roe v Wade, privacy is key

    A group of senators wants to make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    A bill filed this week by five senators, led by Senator Elizabeth Warren (D-MA), comes in anticipation the Supreme Court's upcoming ruling that could overturn the 49-year-old Roe v. Wade ruling legalizing access to abortion for women in the US.

    The worry is that if the Supreme Court strikes down Roe v. Wade – as is anticipated following the leak in May of a majority draft ruling authored by Justice Samuel Alito – such sensitive data can be used against women.

    Continue reading
  • FTC urged to probe Apple, Google for enabling ‘intense system of surveillance’
    Ad tracking poses a privacy and security risk in post-Roe America, lawmakers warn

    Democrat lawmakers want the FTC to investigate Apple and Google's online ad trackers, which they say amount to unfair and deceptive business practices and pose a privacy and security risk to people using the tech giants' mobile devices.

    US Senators Ron Wyden (D-OR), Elizabeth Warren (D-MA), and Cory Booker (D-NJ) and House Representative Sara Jacobs (D-CA) requested on Friday that the watchdog launch a probe into Apple and Google, hours before the US Supreme Court overturned Roe v. Wade, clearing the way for individual states to ban access to abortions. 

    In the days leading up to the court's action, some of these same lawmakers had also introduced data privacy bills, including a proposal that would make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    Continue reading
  • Google: How we tackled this iPhone, Android spyware
    Watching people's every move and collecting their info – not on our watch, says web ads giant

    Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).

    RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.

    We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.

    Continue reading
  • Makers of ad blockers and browser privacy extensions fear the end is near
    Overhaul of Chrome add-ons set for January, Google says it's for all our own good

    Special report Seven months from now, assuming all goes as planned, Google Chrome will drop support for its legacy extension platform, known as Manifest v2 (Mv2). This is significant if you use a browser extension to, for instance, filter out certain kinds of content and safeguard your privacy.

    Google's Chrome Web Store is supposed to stop accepting Mv2 extension submissions sometime this month. As of January 2023, Chrome will stop running extensions created using Mv2, with limited exceptions for enterprise versions of Chrome operating under corporate policy. And by June 2023, even enterprise versions of Chrome will prevent Mv2 extensions from running.

    The anticipated result will be fewer extensions and less innovation, according to several extension developers.

    Continue reading

Biting the hand that feeds IT © 1998–2022