Google has agreed to pay $9.5 million to resolve a lawsuit filed earlier this year by Washington DC Attorney General Karl Racine, who accused Google of “deceiving people and breaching their privacy.” Google has also agreed to modify certain of its procedures, mainly how it notifies users about the collection, storage, and use of their location data.
Racine’s office also accused Google of using “dark patterns,” which are design decisions meant to trick people into doing acts that aren’t in their best interests. The AG’s office stated that Google constantly asked users to enable location monitoring in certain applications and advised them that key functions would not function correctly if location tracking was disabled. Racine and his colleagues discovered that location data was not even required for the app in the issue. According to them, Google has made it “difficult for consumers to opt-out of having their location recorded.”
Google received a pittance of $9.5 million. Last quarter, it took Alphabet less than 20 minutes to generate as much money. Changes to the company’s procedures as part of the settlement may have a greater effect.
Individuals who have particular location settings enabled will get alerts explaining how to deactivate each option, erase the related data, and restrict how long Google may store that information. Users who create a new Google account will be told about which location-related account settings are enabled by default and given the option to disable them.
Google will have to keep its website up to date with information about its location data practices and standards. This will provide methods for users to access their location settings as well as information on how each option affects Google’s collection, retention, or usage of location data.
Furthermore, without the user’s express approval, Google will be prohibited from sharing a person’s exact location data with third-party advertising. Within 30 days of receiving the information, the corporation must destroy location data “that comes from a device or from an IP address in site and app activity.”
