This week, a federal jury in California found Google liable on two counts of privacy violations for continuing to collect the data of millions of users who had turned off a data tracking setting in their Google Accounts. Google has to pay $425 million for the privacy violations.
Google denies the allegations in the lawsuit and plans to appeal the verdict, so there is no date set yet on when members of the nationwide class action lawsuit will get a payout or how much that payout will be. If a court overturns the verdict after the appeal, there might be no payout at all.
Here’s what you need to know about the lawsuit, what’s next for the $425 million payout ordered by the jury and what you need to know about protecting your privacy and online security.
From just $107.88 $24.99 for Kiplinger Personal Finance
Be a smarter, better informed investor.
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
What is the Google class action lawsuit about?
The case of Rodriguez v. Google LLC was originally filed in July, 2020. The plaintiffs accused Google of continuing to collect user data despite those users expressly turning off data tracking settings in their Google accounts.
According to the class action lawsuit website for the case, “Google unlawfully accessed their [class action members’] mobile devices to collect, save, and use the data concerning their activity on non-Google apps that have incorporated certain Google software code into the apps.”
The plaintiffs allege that Google misrepresented the data privacy options that users have and that, because of Google’s near-omnipresence on the internet, users have no meaningful way of stopping the company from tracking their data.
In the original complaint filed in July 2020, the plaintiffs said that Google “intercepts, tracks, collects and sells consumer mobile app browsing history and activity data regardless of what safeguards or ‘privacy settings’ consumers undertake to protect their privacy.”
They further allege that this true even if you don’t use Google-branded apps or devices as “Google still tracks and compiles their communications by covertly integrating Google’s tracking software into the products of other companies.”
The plaintiffs argue that 70% of websites use Google Analytics. I couldn’t find a source to verify that number. But, according to GA4, a company that provides training and support for businesses using Google Analytics, 44 million websites use the data analysis tools, representing over 55% of all websites.
In either case, the plaintiffs’ argument about the difficulty of avoiding being tracked by the service still holds. “Other than staying off the internet entirely, there is no effective way for consumers to avoid Google Analytics and its surreptitious tracking.”
In short, the lawsuit argues that because of the widespread use of Google Analytics, which continues to track users’ activity and other data across both websites and apps, the company misrepresented the degree of control users have over what data is collected about them and when.
On Wednesday, the jury agreed with the plaintiffs that this constituted an invasion of privacy, though it did not agree that Google violated users’ privacy with malice, oppression or fraud – a distinction that would have, potentially, allowed the court to demand “disgorgement” of the profits Google made by collecting that data.
As of now, Google denies all allegations and will be appealing the jury’s verdict. In a brief filed on Tuesday, Google’s legal defense team argued, among other things, that its disclosures and privacy policy statements are unambiguous and could not be misread. Specifically, the setting in question does not explicitly state that it revokes permission for the company to collect data for Google Analytics.
In other words, Google argues that users should have known that turning off “Web & App Activity” tracking in their Google account settings would not, in fact, stop Google from tracking web and app activity. During the trial, the plaintiffs countered that point by arguing that the language is intentionally vague and deceptive on this point.
How much does Google have to pay as part of the lawsuit?
While the plaintiffs initially sued for $31 billion in damages, the jury didn’t find Google liable on the third count of violating the CDAFA. But, for their liability on the two counts of privacy violations, the jury determined that Google has to pay $425 million. That includes approximately $247 million for members with Android devices and $178 million for members with non-Android devices.
The final amount, if any, is still to be determined since Google is appealing the verdict.
Who is eligible for the $425 million class action lawsuit and payout?
There are approximately 98 million members of the class action lawsuit. Specifically, those who might be eligible for a payout if Google’s appeal is rejected include individuals who meet the following criteria:
- Had a Google account that is “non-enterprise” or “non-Unicorn” (meaning a supervised account for users under 13).
- Turned the “Web & App Activity” or “supplemental Web & App Activity” setting turned off or paused at any point between July 1, 2016 and September 23, 2024.
- Despite turning off or pausing that setting, your data was still transmitted to Google from a non-Google branded app.
Can you protect your privacy online?
What this case highlights for users of the internet is that you should assume your data is always being collected by default.
Even if you have access to privacy settings on a particular app, website or service, there’s a good chance your data is still being collected, if not by the website itself, by the Google Analytics code embedded in approximately 55% to 70% of websites.
Given that reality, what can you do to reclaim some control over your privacy? Here are a few tips that aren’t perfect solutions, but can help:
- Limit the number of apps you download to your mobile devices. And, regularly uninstall apps that you no longer use.
- Make use of whatever privacy controls a website or app does offer. When you get that cookie notice upon landing on a website, look carefully for your options to turn off as many tracking settings as the website allows you to. Upon signing up for a service or downloading an app, go to the account settings and turn on any privacy settings that you can. Check back regularly for new privacy settings as these do change periodically.
- Use a virtual private network (VPN), a type of software that encrypts your online activity and obscures your location when browsing the internet.
- Be aware that even with all of these privacy settings enabled, there is still, more often than not, a lot of data about your online activity, devices and even location being collected and shared about you. Keeping this in mind can help protect yourself from scams and fraud by making you more alert to suspicious emails, texts or phone calls, even when they include personal information about you.
Related content
-
Surprising Foods to Enjoy and Avoid to Live LongerWant to live a longer, healthier life? Here are some surprising foods to enjoy (coffee!) and to avoid (some types of spinach!).
-
The October 15 Tax Deadline Is Coming: A Tax Attorney Highlights What You Need to KnowIf you filed an extension in April, time is running out to get your taxes wrapped up for last year. Here's what you need to know for filing your 2024 taxes and preparing for tax year 2025.
-
A Nasty Surprise Awaits Snowbirds: Thousands in Unexpected BillsBefore leaving your home for the winter, remember to do this one thing, or else you might face an expensive repair bill upon return.
-
I'm a CFP: Here's What You Should Do if Your Financial Adviser's Firm Gets AcquiredYou've had the same financial adviser for a long time, but things are changing. Now what? Stay the course, or jump ship? Five questions could help you decide.
-
ABLE Accounts: A Special Needs Consultant Breaks Down Common MythsABLE accounts help thousands of people with disabilities, but misconceptions still prevent eligible families from applying. Here, a financial professional separates fact from fiction.
-
How to Navigate Your Finances After Losing Your Spouse: Thoughts From a Financial PlannerIt's important you get involved in financial planning now so you're prepared and confident to make decisions when you potentially become your own financial manager.
-
The Five Best Cruise Lines for RetireesRetirement is an ideal time for cruising. Check out the five best cruise lines for comfort, ease, and unforgettable experiences.
-
My First $1 Million: Oil and Gas Retiree, 67, Round Rock, TexasEver wonder how someone who's made a million dollars or more did it? Kiplinger's My First $1 Million series uncovers the answers.
-
Why Jerry Quit Ben & Jerry's: Five Signs It Might Be Time for You to Do the SameAfter 47 years with Ben & Jerry's, co-founder Jerry Greenfield has stepped down. His decision highlights an important truth: Sometimes it's not about waiting for retirement — it's about recognizing the signs that it's time to quit.
-
Amex Platinum Just Got More Expensive: $895 Fee and $3,500 in Perks ExplainedAmerican Express raises the Platinum Card’s annual fee to $895 and expands its perks. We break down the changes so you don’t have to.
