In an age where data is everything, the constant give-and-take over giving up a certain amount of digital privacy in exchange for free services (Facebook, Google
products, etc.) can often veer into murky waters. This week, Stanford researcher Jonathan Mayer spotted Google neck deep in it, and the Wall Street Journal broke the story wide open
browser blocks most third-party cookies by default, so users don’t have to mess with it. Google apparently developed a way to secretly get around the blocks: It found a loophole in Safari’s privacy settings that allows an ad to track a user if the user interacts with the ad, and it made the browser think that was happening by sending an invisible form.
The WSJ included this helpful infographic to explain how it worked:
Although Safari has a very small share in the desktop browser market, it’s the default browser on iOS devices, so it accounts for a much larger percentage of mobile Web traffic.
Image credit: Gizmodo
The WSJ posted a statement from Google, which said: "The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."
If this activity was indeed on the up and up, why did Google keep it hidden? The company has no problem telling us that it’s changing its privacy policies and absorbing the backlash, so why do this in secret?
Perhaps this wasn't technically evil, but it was certainly sneaky and unsettling, and it makes the whole "Don't be evil" mantra seem like mere lipservice.
Google wasn’t the only culprit, though; the WSJ found that three other companies were guilty of the same thing: Vibrant Media Inc., Media Innovation Group LLC, and PointRoll Inc.
According to the Journal, Google took down the code after the paper contacted it on Thursday.