The Court of Appeals in London has ruled that legal action against Google over allegations it collected data from more than 4 million iPhone users, can go ahead.
The case centres over whether Google allegedly misused Safari’s security settings in order to track user activity between September 2011 and February 2012.
Safari is designed to block tracking but default, but Google apparently bypassed this feature (the so called ‘Safari Workaround’) to place cookies that gathered information on users and their habits so the search giant could deliver more targeted adverts.
In 2013 Google had to pay a $17 million (£10.5m) settlement to 37 US states to resolve the allegations the company violated consumer privacy by using tracking cookies.
After that in 2017 Google was hit lawsuit over the matter, but in October 2018 London’s High Court ruled that Google’s alleged role in the collection, collation and use of data from the browser was wrongful and a breach of duty, but claimants had not suffered “damage” as specified by Britain’s Data Protection Act.
But now the Court of Appeals in London has overturned this ruling, which had in effect blocked any route to legal redress.
James Oldnall, lead lawyer on the case, told Reuters that the Court of Appeal decision had “confirmed our view that representative actions are essential for holding corporate giants to account”.
Richard Lloyd, the representative claimant in the mass action, was quoted as saying on Wednesday’s judgement “sends a very clear message to Google and other large tech companies: you are not above the law.”
“Google can be held to account in this country for misusing people’s personal data, and groups of consumers can together ask the courts for redress when firms profit unlawfully from ‘repeated and widespread’ violations of our data protection rights,” he added.
Google told Reuters protecting the privacy and security of its users had always been its number one priority.
“This case relates to events that took place nearly a decade ago and that we addressed at the time,” a spokeswoman said. “We believe it has no merit and should be dismissed.”
The legal case to settle the matter is expected to take many more years.
In 2012 Google also had to pay a $22.5 million fine to the US Federal Trade Commission (FTC) for bypassing the privacy settings of Apple’s Safari browser.