Google cops record fine for Safari bypass

Cookie crumbles.

Google will pay $US22.5 million ($AU21.3 million) to settle charges it bypassed user privacy settings in the mobile Safari browser, the US Federal Trade Commission said on Thursday.

The deal ends an FTC probe into allegations the search giant used cookies to bypass the default security settings on the Safari browser on iPhones and iPads to monitor users for advertising purposes.

Jonathon Mayer, the Stanford University graduate student who discovered Google's special approach to Safari, alleged Google and other media companies "intentionally circumvent Safari’s privacy feature".

Google has said the tracking of Safari users was inadvertent and that it collected no personal information such as names, addresses or credit card data. But the tracking was done despite assurances Safari could be set to protect user privacy.

The company has said the investigation was prompted by a 2009 help center web page that predated a change in Apple's cookie-handling policy.

The practice was in violation of a 2011 consent decree Google negotiated with the FTC over its botched rollouts of the now defunct social network Buzz.

Google was not required to admit to any liability as part of the settlement.

While it was the largest penalty the FTC has ever placed on a company for violating a Commission order, the fine is a drop in the bucket for a company that chalked up revenues of $US12.21 billion in the second quarter. But revelations of the cookie use embarrassed the search engine company.

"No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place," FTC Chairman Jon Leibowitz said in a statement.

Google will also have to disable the tracking cookies that ended up on consumers' computers, despite the company's assurances it was not placing cookies.

The Safari issue is not Google's first brush with potential privacy violations.

Launched in February 2010 to compete with Twitter, Buzz initially used its Gmail customers' email contact lists to create social networks of Buzz contacts the rest of the world could see, which led to an uproar.

Google quickly changed the settings so that contacts were kept private by default. It settled with the FTC on Buzz in March 2011.

It also tightened its privacy policy in the wake of revelations that Street View cars, which take panoramic pictures of city streets, inadvertently collected data from unsecured wireless networks in more than 30 countries.

The FTC has closed its investigation into the issue, which was also probed by the governments of Britain, Australia, France, Singapore and Switzerland, among others.

The search giant is also the subject of a wide-ranging antitrust investigation by the FTC and European regulators over accusations it manipulated search results to favour its own products.

Reporting By Jasmin Melvin and Diane Bartz; editing by Gerald E. McCormick and Andre Grenon